Leaderboard

Popular Content

Showing content with the highest reputation on 05/17/21 in all areas

  1. Ireland's health services are still recovering from a ransomware attack, but hackers shouldn't expect their demands to be met.

     Rapid7 has disclosed the compromise of customer data and partial source code due to the Codecov supply chain attack. On Thursday, the cybersecurity firm said it was one of the victims of the incident, in which an attacker obtained access to the Codecov Bash uploader script.

     The cyberattack against Codecov took place on or around January 31, 2021, and was made public on April 15. The organization, which provides code coverage and testing tools, said that a threat actor tampered with the Bash uploader script, thereby compromising the Codecov-actions uploader for GitHub, Codecov CircleCI Orb, and the Codecov Bitrise Step. This enabled attackers to export data contained in user continuous integration (CI) environments. Hundreds of clients were potentially impacted, and now, Rapid7 has confirmed that the company was one of them.

     Rapid7 says the Bash uploader was used in a limited fashion as it was only set up on a single CI server used to test and build tooling internally for the Managed Detection and Response (MDR) service. As such, the attacker was kept away from product code, but they were able to access a "small subset of source code repositories" for MDR, internal credentials -- all of which have now been rotated -- and alert-related data for some MDR customers.

     Rapid7 has reached out to customers impacted by the data breach. The company pulled in cyberforensics assistance and following an investigation, has concluded that no other corporate systems or production environments were compromised.

     Codecov has since removed the unauthorized actor from its systems and is setting up monitoring and auditing tools to try and prevent another supply chain attack from occurring in the future. Impacted customers were notified via email addresses on record and through the Codecov app.

     Codecov recommends that users of the Bash uploaders between January 31, 2021, and April 1, 2021, who did not perform a checksum validation should re-roll their credentials out of caution.

     Via zdnet.com
    1 point
  2. The simplest option would be to use MobSF: https://github.com/MobSF/Mobile-Security-Framework-MobSF You upload the APK and it produces a report. It finds configuration problems and _potential_ vulnerabilities. In principle, these should be verified/validated. For example, it finds some unprotected activities, but they may be useless. Or it finds the use of an API considered insecure but, likewise, it may not be exploitable in that scenario.
    1 point