![]() ![]() One thing the ICTsec industry should be (in)famous for is not learning from it’s history of even half a decade ago… Thus the ICTsec “seasons” are lamentabley short in duration unlike other fields of endeavour.Īnother thing to note is supply line poisoning has been going on for literally years… Why a “good sign”… well because it means other types of attack have become less successful.īut we should not be complacent because in effect “the low hanging fruit” have become unavailable in this season, thus it’s now time for the slightly higher level fruit to get munched upon.ġ, Low hanging fruit comer around every new season.Ģ, Some evolve so that they operate beyond the low hanging fruit at all times. Let me say straight off, it’s probably a good sign that supply chain attacks, like phishing attacks have become the top types of attack respectively. Tags: Android, data protection, malware, supply chain ![]() More likely is that they’ve been happening for a while, and we have recently become more diligent about looking for them. I don’t know if there are actually more supply-chain attacks occurring right now. Until today, and based on its own telemetry, ESET said it spotted malware-laced NoxPlayer updates being delivered to only five victims, located in Taiwan, Hong Kong, and Sri Lanka. Using this access, hackers tampered with the download URL of NoxPlayer updates in the API server to deliver malware to NoxPlayer users.ĭespite evidence implying that attackers had access to BigNox servers since at least September 2020, ESET said the threat actor didn’t target all of the company’s users but instead focused on specific machines, suggesting this was a highly-targeted attack looking to infect only a certain class of users. This one is in the NoxPlayer Android emulator:ĮSET says that based on evidence its researchers gathered, a threat actor compromised one of the company’s official API () and file-hosting servers (). It seems to be the season of sophisticated supply-chain attacks. NoxPlayer Android Emulator Supply-Chain Attack ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |