Wednesday, February 10, 2021
Dependency Confusion Supply-Chain Attack Hit Over 35 High-Profile Companies
In what’s a novel supply chain attack, a security researcher managed to breach over 35 major companies’ internal systems, including that of Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, and achieve remote code execution. The technique, called dependency confusion or a substitution attack, takes advantage of the fact that a piece of software may include components from a mix
Subscribe to:
Post Comments (Atom)
Popular Posts
-
Threat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign
-
You might not need to panic. BroadSoft tells Gizmodo that it locked down its Amazon data (Charter says it was taken down) and hasn’t seen ev...
-
Tired of home security cameras that add nothing to your home (besides, well, surveillance)? The Ulo, created by Luxembourg-based Mu Design, ...
No comments:
Post a Comment