Wednesday, February 10, 2021
Dependency Confusion Supply-Chain Attack Hit Over 35 High-Profile Companies
In what’s a novel supply chain attack, a security researcher managed to breach over 35 major companies’ internal systems, including that of Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, and achieve remote code execution. The technique, called dependency confusion or a substitution attack, takes advantage of the fact that a piece of software may include components from a mix
Subscribe to:
Post Comments (Atom)
Popular Posts
-
Threat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign
-
Venezuela used to be the richest country in Latin America, sitting on the world’s largest oil reserves. Yet Venezuelans are scrambling for m...
-
Following today’s news that Samsung and Apple have worked together to bring an iTunes Movies & TV app and AirPlay 2 support to 2018 and ...
No comments:
Post a Comment