1/5: Thread on some additional info: Barium is one entity within a greater intelligence apparatus (I like calling them the Winnti Umbrella). They benefit greatly from targeting small software orgs (including gaming) throughout Asia. victim org count: far beyond single digits. https://t.co/u4U6pSd8jr
— Tom Hegel (@MalwareKiwi) May 3, 2019
"They're poisoning trusted mechanisms. When it comes to software supply chain attacks, they’re the champions of this. With the number of companies they’ve breached, I don’t think any other groups are comparable to these guys." https://t.co/wUtMwRRxID by @a_greenberg #ShadowHammer pic.twitter.com/tL1bTzEEuX
— Eugene Kaspersky (@e_kaspersky) May 3, 2019
Over the last three years, supply chain attacks that exploited the software distribution channels of at least six different companies have now all been tied to a single group of likely Chinese-speaking hackers. Here's what we know about them: https://t.co/nVB2Lc4gMc
— Andy Greenberg (@a_greenberg) May 3, 2019
"the attackers had breached NetSarang's network and planted their malicious code in its product before the application was cryptographically signed" https://t.co/2O8ypuwrvO "hiding one supply chain attack within another"
— Justin Cormack (@justincormack) May 3, 2019
At a first glance, I thought this was one of those "water-is-wet" articles that rehashes data from 2-3 recent reports.
But this is a very good piece on ShadowHammer, making connections way back to Barium/APT17/Axiom (APT behind 2009/2010 Google breach). Very good overview. https://t.co/UfEdvC1hQj
— Catalin Cimpanu (@campuscodi) May 3, 2019
This @a_greenberg piece on the supply chain hacking group behind the ASUS and CCleaner hacks is a really good overview piece of which there aren't enough in threat intelligence https://t.co/u5AHVA95Wp
— Martijn Grooten (@martijn_grooten) May 3, 2019
[Reading]: A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree | WIRED https://t.co/T6di9uzn9q
— Dave Lewis (@gattaca) May 3, 2019
A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree https://t.co/J3rmsxfmYh
— Paolo Passeri (@paulsparrows) May 4, 2019
A #hacker group is on a supply chain hijacking spree. @Wired @a_greenberg #cyberthreat #cybersecurity #ITSec https://t.co/XmL7MckAt7
— BeyondTrust (@BeyondTrust) May 3, 2019
#ITSecurity #ITSec A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree | WIRED https://t.co/ht4yggHemS, see more https://t.co/yJWFBjnLur
— Arcanist (@ArcanistMX) May 4, 2019
Can you trust all your software suppliers not to get pwned? https://t.co/eadm14hIWJ
— Chris Wysopal (@WeldPond) May 3, 2019
A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree https://t.co/LUm5Liepsu
— GroupHackathon (@GroupHackathon) May 3, 2019
A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree: https://t.co/dqgO5N62Cx
A supply chain hack is where software updates are compromised BEFORE they are distributed, sometimes even before the digital signature is created!
I'm glad I don't do network security anymore.
— Just A. Tinker (@John_Gardi) May 3, 2019
A single #hacking group is 'poisoning' legitimate software updates with #malware https://t.co/EeBSzvfO2C
— Secure Cyber (@Sec_Cyber) May 3, 2019
A single hacking group is 'poisoning' legitimate software updates with malware https://t.co/7W9GVRYSx1 pic.twitter.com/suKRoOfe9E
— PC Gamer (@pcgamer) May 3, 2019
A single hacking group is 'poisoning' legitimate software updates with malware https://t.co/wvv2e8QEjf
— PC Gamer feed (@PC_Gamer) May 3, 2019
A missive on supply chain attacks: were we to imagine an offensive op as a pyramid, with the actual target and desired collect/effect at the top, the supply chain vector is at the bottom: it forms the foundation for the pyramid. In success, you have enabled short and long term https://t.co/h4k7wonbfR
— ░J░a░s░o░n░ ░K░i░c░h░e░n░ (@jckichen) May 4, 2019
A mysterious hacker gang is on a supply-chain hacking spree https://t.co/CTfidGkdhn
— The Cyber Security Hub (@TheCyberSecHub) May 4, 2019
Incoming: https://t.co/9pgxmvT8Hf
— "Poz" (@LeslieMPozsonyi) May 4, 2019
Beware of everything you download, even if it comes from a trusted source https://t.co/UDomNdaWDQ pic.twitter.com/Sxtt7WCShQ
— PC Gamer (@pcgamer) May 4, 2019
The poisoning of trusted mechanisms - Barium, ShadowHammer & Wicked Panda https://t.co/pelzt9D9Cu
— Dr. Mary Aiken (@maryCyPsy) May 4, 2019
How do you protect yourself from #malware when the tools used to develop software are themselves infected? @Wired on the ongoing fight against supply chain hijacking. https://t.co/1WNvy1L8m4 #notPetya #cybersecurity
— SonicWall (@SonicWall) May 3, 2019
A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree https://t.co/ChKIPVqcvi
— Whitney Merrill (@wbm312) May 3, 2019
A Mysterious Hacker Group Is On A Supply Chain Hijacking Spree https://t.co/FtP8fmDFdp #news
— packet storm (@packet_storm) May 3, 2019
A Mysterious Hacker Group Is On a Supply Chain Hijacking Spree https://t.co/CslrYKeolN
— Brian Laung Aoaeh, CFA (@brianlaungaoaeh) May 4, 2019