#44 - Intel Chat: Fake GitHub repos, NPM poison, Vidar, Mac malware, Tsunami DDOS, Cl0p reward, and the EDR killer: Spyboy
The Cybersecurity Defenders Podcast - A podcast by LimaCharlie
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.VulnCheck comes across a malicious GitHub repository that is claimed to be a Signal 0-day.CheckMarx are reporting that Without altering a single line of code, attackers poisoned the NPM package “bignum” by hijacking a S3 bucket.Team CYMRU has released a detailed publication on Vidar infrastructure which encompasses both the primary administrative aspects and the underlying backend. Bit Defender Mac researchers stumbled upon a small set of files with backdoor capabilities that seem to form part of a more complex malware toolkit. Researchers have found an unofficial package called 'https' that exists on NPM with over 1600 other packages that depend on it.An attack campaign that consists of the Tsunami DDoS Bot being installed on inadequately managed Linux SSH servers.Cl0p rewards of up to $10 million are being offered by the U.S. State Department's Rewards for Justice program.SentinelOne is reporting on the Terminator EDR killer - Spyboy. The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.