Newsletter

November 29, 2022

Supply Chain Attack

Supply chain attacks are an emerging threat that targets software developers and suppliers. The objective is to gain access to source code, build processes, or update mechanisms by infecting legitimate apps to distribute malware. These threats are alarming and continue to hit the industry. Supply chain attacks are diverse and affect various industries. For example, the manufacturing industry has seen massive cyber security attacks that tamper with a company’s manufacturing processes, through either hardware or software.

Weak links in the supply chain give criminals access to an organization’s data and systems, from which they can infiltrate its overall digital infrastructure. Malware installed at any stage of the supply chain can cause disruptions or outages of an organization’s services. Manufacturers must therefore be aware of the common sources of supply chain attacks, for example commercial software, open-source supply chains, and foreign products.

How can TSAROLABS help manufacturers mitigate the risk of supply chain attacks?

Know the rapidly evolving threats to stay ahead of the curve!

Hundreds of U.S. news sites push malware in a supply-chain attack

Hackers are using the compromised infrastructure of an undisclosed media company to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S.

Dozens of PyPI packages were caught dropping 'W4SP' info-stealing malware

Researchers have discovered over two dozen Python packages on the PyPI registry pushing info-stealing malware.
Most of these contain obfuscated code that drops the "W4SP" info-stealer on infected machines, while others use malware purportedly created for "educational purposes" only.

Hackers breach software vendors for Magento supply-chain attacks

Attackers have injected malware into multiple extensions from FishPig, a vendor of Magento-WordPress integrations that count over 200,000 downloads.
The intruders took control of FishPig's server infrastructure. Then, they added malicious code to the vendor's software to gain access to websites using the products, in what is described as a supply-chain attack.
