C
Chris Smith
Guest
- A security researcher was able to breach the internal systems of 35 companies, including Apple, Microsoft, Netflix, PayPal, Shopify, Tesla, Yelp, and others, without the victims knowing what had happened.
- Alex Birsan came up with counterfeit packages, which he hosted on public open-source repositories. These had the same names as some of the private files created internally at these companies.
- The researcher discovered that apps that needed these dependency packages would download files from the public open-source servers rather than internal ones. That’s how his files ended up on the unsuspecting targets' internal systems.
A security researcher was able to penetrate the defenses of several high-profile companies and upload files to their servers by taking advantage of a software supply chain issue that could be abused to infect servers without the victims' knowledge or permission. The list of companies the researchers infected include Apple, Microsoft, Netflix, PayPal, Shopify, Tesla, Yelp, and many other tech companies that might have downloaded his payloads.
Today's Top Deal
“”
Price: “”
Coupon Code: “” (by “”)
Buy Now
Continue reading...
Today's Top Deals
- Are you an Amazon Prime member? These 10 special deals are just for you
- Amazon has 5 secret departments you can shop for amazing deals
- Amazon coupon gets you a 2K camera drone as small as a smartphone for just $60
Trending Right Now:
- Here’s when you’ll finally get your $1,400 stimulus check
- Your email and password were probably posted online in the mother of all data leaks
- Are you going to get a $1,400 stimulus check? Here’s what Biden wants
Security researcher breached Apple, Microsoft, Netflix, PayPal, and more originally appeared on BGR.com on Wed, 10 Feb 2021 at 19:20:30 EDT. Please see our terms for use of feeds.
Via BRG - Boy Genius Report