Organizations across Asia, especially in Hong Kong, have been targeted by the newly discovered Carderbee hacking operation in a software supply chain attack that commenced in April, CyberScoop reports.
Attackers leveraged a Cobra DocGuard software update file to deliver the Korplug malware, also known as PlugX, to nearly 100 computers across various organizations, according to a report from the Symantec Threat Hunter Team. Researchers believe sophisticated threat actors are behind the supply chain attack because signed malware was used to conceal malicious activity.
"The Korplug back door is usually used by China-linked APT groups. In addition to this, the targeting is in line with what we've seen from China-linked groups in the past. As stated in the blog there are also some similarities between this activity and previous activity carried out by the Budworm (aka APT27) group," said Symantec Senior Intelligence Analyst Brigid Gorman.
Okta had 4,961 current and former employees' data, including names, health insurance plan numbers, and Social Security numbers, compromised following a breach at its third-party vendor Rightway Healthcare, reports The Register.