Netizen Blog and News
The Netizen team sharing expertise, insights and useful information in cybersecurity, compliance, and software assurance.
Category: Application Security
-
The XZ Compression Backdoor Timeline details a supply chain attack on the xz compression library by “Jia Tan,” who gained trust and eventually inserted a backdoor, affecting systems using the library. The attack was detected in March 2024, prompting industry response and highlighting vulnerabilities in open source supply chain security.
-
A recent backdoor in xz/liblzma has raised concerns in the software industry. The culprit, who posed as a benign contributor, managed to introduce vulnerabilities into the open-source software. The security community has since taken action, but the incident highlights the challenges of open-source development..
-
Online retailer PandaBuy was compromised, exposing 1.3 million customers’ data, prompting users to change passwords and enable two-factor authentication. Similarly, a ransomware attack affected over 2.8 million individuals through Massachusetts Health Insurer, triggering lawsuits and the offer of credit monitoring.
-
Security vulnerabilities pose a significant threat to businesses. Netizen’s Security Operations Center (SOC) has identified five critical vulnerabilities from March. These include RCE vulnerabilities in Microsoft Windows Hyper-V and Open Management Infrastructure, as well as EoP vulnerabilities in Microsoft’s Azure Kubernetes Service and desktop versions of Firefox. Immediate patching or mitigation is essential.
-
Sam Bankman-Fried, founder of the defunct cryptocurrency exchange FTX, has been sentenced to 25 years in prison for extensive financial misconduct. The case highlights the urgency of enhanced Anti-Money Laundering (AML) and Countering Financing of Terrorism (CFT) measures in the cryptocurrency sector. The industry must strengthen AML/CFT protocols and collaboration with regulators to ensure market…
-
The U.S. Department of Justice indicted seven individuals linked to China for cyberattacks aimed at silencing critics, stealing trade secrets, and interfering in American institutions. The indictment underscores the need for enhanced cybersecurity and international cooperation to combat such threats.
-
A cyberattack campaign targeted the software supply chain, affecting Top.gg GitHub and individual developers. Attackers used multiple techniques including account takeovers, submission of malicious code through verified commits, and the creation of a fake Python mirror. The campaign involved sophisticated tactics such as typosquatting, social engineering, and obfuscation.
-
Malvertising involves embedding malicious code in online ads to spread malware. The recent PuTTY malvertising campaign used Google ads to redirect users to a fake PuTTY site distributing malware. Attackers used social engineering to target IT professionals, demonstrating a deep understanding of cybersecurity and user behavior. Combatting malvertising requires a multi-layered security approach due to…
-
Microsoft’s March 2024 security updates for Windows Server have led to significant stability issues across domain controllers. Reports have surfaced from various corners indicating that servers are unexpectedly freezing and rebooting due to a memory leak in the Local Security Authority Subsystem Service (LSASS) process. The Root of the Problem The crux of the issue…
-
The GhostRace vulnerability, designated as CVE-2024-2193, unveils a significant security issue within modern CPU architectures stemming from speculative execution processes. Unpacked in the comprehensive study “GhostRace: Exploiting and Mitigating Speculative Race Conditions” by Hany Ragab, Andrea Mambretti, Anil Kurmus, and Cristiano Giuffrida from Vrije Universiteit Amsterdam and IBM Research Europe, this vulnerability exposes how speculative…
Netizen Blog and News 