Wednesday, February 10, 2021
Dependency Confusion Supply-Chain Attack Hit Over 35 High-Profile Companies
In what’s a novel supply chain attack, a security researcher managed to breach over 35 major companies’ internal systems, including that of Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, and achieve remote code execution. The technique, called dependency confusion or a substitution attack, takes advantage of the fact that a piece of software may include components from a mix
Subscribe to:
Post Comments (Atom)
Popular Posts
-
Threat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign
-
Following the release of iOS 10.3.2 on May 15, Apple has stopped signing iOS 10.3.1, the previous version of iOS that was available to consu...
No comments:
Post a Comment