First Malicious Open Source Component Discovered to Deploy RootKits

Oct 6, 2023 | Podcast

A malicious component in the npm package registry has been found to be deploying an open-source rootkit. The package is called node-hide-console-windows, which looks to be a typo-squat of the legitimate npm package node-hide-console-window. There is an additional s at...

Guest on KBKast – Navigating the Wild West

Oct 6, 2023 | Podcast, Posts, Speaking

Navigating the Wild West I had the privilege of being on episode 215 of Karissa’s KBKast podcast where we chatted about tools and techniques to assess the security and integrity of Open Source software. The conversation started out with me highlighting the...

Mass Active Exploitation of WS_FTP Vulnerability

Oct 5, 2023 | Podcast

Security Researchers have spotted evidence of mass exploitation of vulnerabilities in Progress Software’s WS_FTP Server file sharing Platform. The server file sharing platform has a maximum severity remote code execution vulnerability which attackers can exploit...

Critical Vulnerability in Popular Image Rendering Library Under Active Exploitation

Oct 4, 2023 | Podcast

A popular library for rendering images in the WebP format has a critical vulnerability that is under active exploitation. The vulnerability is with the libwebp library and it suffers from a heap buffer overflow which allows a remote attacker to perform an out of...

Microsoft’s AI Chat Serving Up Malware

Oct 3, 2023 | Podcast

Microsoft’s Bing Chat AI search assistant has been discovered to be serving up malicious ads to users. Bing Chat was first introduced in February this year and began serving ads a month later to help cover costs. However, incorporating ads into the platform has...

Fake Bitwarden Website Serving Malware to Windows Users

Oct 2, 2023 | Podcast

A fake Bitwarden password manager lookalike site is distributing malware to unsuspecting visitors. The fake website is a very convincing lookalike to the real Bitwarden site and has a typo squat domain name to fool potential victims. It is believed that phishing...

Attackers Impersonating Dependabot to Sneak Malicious Code Changes

Sep 29, 2023 | Podcast

Attackers targeting software supply chains are impersonating GitHub Dependabot to sneak their malicious code changes past developers. Security researchers have discovered a campaign where attackers were attempting to sneak code into software projects by disguising...

Info Stealing Campaign Targeting Developers Through Open Source Software

Sep 28, 2023 | Podcast

Attackers have been running a campaign this month, using malicious open-source packages to steal sensitive data from software developers. The campaign commenced on September 12 2023 and started with 14 malicious packages on npm. There was a brief hiatus on September...

Using Graphics Cards to Steal Website Data

Sep 27, 2023 | Podcast

Your computer’s graphic card could be exposing sensitive data to malicious websites. Researchers have published a paper demonstrating how a malicious website can exploit a vulnerability in the GPU (Graphic Processing Unit) to perform a cross-origin attack and...

Beware: Phishing Scam from Legitimate Booking Platforms

Sep 26, 2023 | Podcast

Phishing scams just got more sophisticated with scammers targeting hotel staff in order to phish their customers. Security researchers discovered a sophisticated credit card stealing campaign where the hackers first target hotel staff. They first make contact with the...