Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 23 Nov 2017, 16:57
All times are UTC - 4
 Forum index » Off-Topic Area » Security
software supply-chain attacks
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [1 Post]  
Author Message
labbe5

Joined: 13 Nov 2013
Posts: 1023
Location: Canada

PostPosted: Tue 26 Sep 2017, 11:52    Post subject:  software supply-chain attacks
Subject description: likely from nation-state hackers
 

https://www.wired.com/story/ccleaner-malware-targeted-tech-firms/

The exact dimensions of the CCleaner attack will likely continue to be redrawn, as analysis continues. But it already represents another serious example in the string of software supply-chain attacks that have recently rocked the internet. Two months earlier, hackers hijacked the update mechanism of the Ukrainian accounting software MeDoc to deliver a destructive piece of software known as NotPetya, causing massive damage to companies in Ukraine as well as in Europe and the United States. In that case, as in the CCleaner attack, victims installed seemingly legitimate software from a small but trusted company, only to find that it had been silently corrupted, deeply infecting their IT systems.

In the days following the NotPetya attack, many in the security research community shifted their assessment of the attack from a criminal ransomware outbreak to something more insidious, targeted, and created by nation-state hackers. Now, it seems that the mystery surrounding the CCleaner attack may be moving in that same, disturbing direction.

Further reading :
https://arstechnica.com/information-technology/2017/10/equifax-rival-transunion-also-sends-site-visitors-to-malicious-pages/
https://www.maketecheasier.com/what-to-do-for-redirect-attacks/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+MakeTechEasier+%28Make+Tech+Easier%29
https://arstechnica.com/information-technology/2017/10/new-wave-of-data-encrypting-malware-crashes-through-russia-and-ukraine/
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [1 Post]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1153s ][ Queries: 14 (0.0477s) ][ GZIP on ]