Category Archives: Social Engineering

Other Attempts to Take Over Open Source Projects

Posted on by

After the XZ Utils discovery, people have been examining other open-source projects. Surprising no one, the incident is not unique:

The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names and overlapping GitHub-associated emails. These emails implored OpenJS to take action to update one of its popular JavaScript projects to “address any critical vulnerabilities,” yet cited no specifics. The email author(s) wanted OpenJS to designate them as a new maintainer of the project despite having little prior involvement. This approach bears strong resemblance to the manner in which “Jia Tan” positioned themselves in the XZ/liblzma backdoor…

Continue reading Other Attempts to Take Over Open Source Projects

Cisco Duo provider breached, SMS MFA logs compromised

Posted on by

Hackers have managed to compromise a telephony provider for Duo, the Cisco-owned company providing secure access solutions, and steal MFA (multi-factor authentication) SMS message logs of Duo customers. About the attack The unnamed provider – one… Continue reading Cisco Duo provider breached, SMS MFA logs compromised

New open-source project takeover attacks spotted, stymied

Posted on by

The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils package by someone who called themselves “Jia Tan”. This malicious ma… Continue reading New open-source project takeover attacks spotted, stymied

OpenSSF Warns of Fake Maintainers Targeting JavaScript Projects

Posted on by

By Deeba Ahmed
Alarming social engineering attacks target critical open-source projects! Learn how to protect your project and the open-source community from takeovers.
This is a post from HackRead.com Read the original post: OpenSSF Warns of Fake Main… Continue reading OpenSSF Warns of Fake Maintainers Targeting JavaScript Projects

Texting Secrets: How Messenger Apps Guard Your Chats

Posted on by

By Uzair Amir
Worried about prying eyes? We explain how messenger apps keep your chats confidential with features like encryption & multi-factor authentication. Learn about security risks & emerging technologies for a safer digital future.
T… Continue reading Texting Secrets: How Messenger Apps Guard Your Chats

Backdoor in XZ Utils That Almost Happened

Posted on by

Last week, the Internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story of the attack and its discovery: The security of the global Internet depends on countless obscure pieces of software written and maintained by even more obscure unpaid, distractible, and sometimes vulnerable volunteers. It’s an untenable situation, and one that is being exploited by malicious actors. Yet precious little is being done to remedy it…

Continue reading Backdoor in XZ Utils That Almost Happened

XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor

Posted on by

Read about a supply chain attack that involves XZ Utils, a data compressor widely used in Linux systems, and learn how to protect from this threat. Continue reading XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor

XZ Utils Backdoor

Posted on by

The cybersecurity world got really lucky last week. An intentionally placed backdoor in XZ Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux. From ArsTehnica:

Malicious code added to XZ Utils versions 5.6.0 and 5.6.1 modified the way the software functions. The backdoor manipulated sshd, the executable file used to make remote SSH connections. Anyone in possession of a predetermined encryption key could stash any code of their choice in an SSH login certificate, upload it, and execute it on the backdoored device. No one has actually seen code uploaded, so it’s not known what code the attacker planned to run. In theory, the code could allow for just about anything, including stealing encryption keys or installing malware…

Continue reading XZ Utils Backdoor

US organizations targeted with emails delivering NetSupport RAT

Posted on by

Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via “nuanced” exploitation and by using an advanced detection evasion method. The malware campaign The campaign, dubbed PhantomBlu, takes t… Continue reading US organizations targeted with emails delivering NetSupport RAT

Hacker Conversations: Stephanie ‘Snow’ Carruthers, Chief People Hacker at IBM X-Force Red

Posted on by

The desire to be a hacker is usually innate, and commonly emerges in early life. This did not happen with Snow: she was a married freelance special effects makeup artist when it all began.
The post Hacker Conversations: Stephanie ‘Snow’ Carruthers, Chi… Continue reading Hacker Conversations: Stephanie ‘Snow’ Carruthers, Chief People Hacker at IBM X-Force Red