supply chain attacks

Pierluigi Paganini December 20, 2022
Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware

Researchers spotted a malicious package in the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for SentinelOne. Cybersecurity researchers at ReversingLabs have discovered a new malicious package, named ‘SentinelOne,’ on the Python Package Index (PyPI) repository that impersonates a legitimate software development kit (SDK) for SentinelOne. The malicious package was first […]

Pierluigi Paganini April 27, 2021
CISA, NIST published an advisory on supply chain attacks

CISA and NIST published a report on software supply chain attacks that shed light on the associated risks and provide instructions on how to mitigate them. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) released a joint advisory that provides trends and best practices related to […]

Pierluigi Paganini November 16, 2020
Lazarus malware delivered to South Korean users via supply chain attacks

North Korea-linked Lazarus APT group is behind new campaigns against South Korean supply chains that leverage stolen security certificates.  Security experts from ESET reported that North-Korea-linked Lazarus APT (aka HIDDEN COBRA) is behind cyber campaigns targeting South Korean supply chains. According to the experts the nation-state actors leverage stolen security certificates from two separate, legitimate South […]

Pierluigi Paganini September 23, 2019
TortoiseShell Group targets IT Providers in supply chain attacks

Symantec spotted a new threat actor, tracked as TortoiseShell, that is compromising IT providers to target their specific customers. Symantec researchers spotted a new threat group, tracked as TortoiseShell, that is compromising IT providers to target their specific customers. The group was first spotted in 2018, but experts speculate that it has been active for […]