Hundreds of networks reportedly hacked in Codecov supply-chain attack
By
03:49 AM
More details have emerged on the recent Codecov system breach which is now being likened to the SolarWinds hack.
In new reporting by Reuters, investigators have stated that hundreds of customer networks have been breached in the incident, expanding the scope of this system breach beyond just Codecov s systems.
As reported by BleepingComputer last week, Codecov had suffered a supply-chain attack that went undetected for over 2-months.
In this attack, threat actors had gained Codecov s credentials from their flawed Docker image that the actors then used to alter Codecov s Bash Uploader script, used by the company s clients.
Attackers Compromised Code-Checking Vendor s Tool darkreading.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from darkreading.com Daily Mail and Mail on Sunday newspapers.
Ten-year prison term for hacker group manager, watch for these attacks against universities and more.
Welcome to Cyber Security Today. It’s Monday April 19. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
An American courthas sentenced a Ukrainian man to 10 years in prison for his role in the hacking and credit card theft group called FIN7 by researchers. The man was a manager and systems administrator for the group. He was arrested in Germany in 2018 and extradited to the U.S. In 2019 he pleaded guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking. FIN7 is also called Carbanak Group or Navigator Group by researchers. According to the Justice Department, FIN7 has more than 70 people who are hackers, malware developers, creators of phishing messages or have other duties. It is alleged the group caused over a billion dollars in losses in the U.S. alone.