#malwaredistribution — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #malwaredistribution, aggregated by home.social.

  1. GitLab Vulnerability to GitHub-Style CDN Flaw Allowing Malware Hosting

    Date: April 22, 2024
    CVE: Not specifically assigned
    Vulnerability Type: Authentication bypass
    CWE: CWE-22, CWE-427
    Sources: Bleeping Computer Article, Duo Security Article

    Issue Summary

    GitLab has been identified as vulnerable to a similar flaw that was found in GitHub, where the platform's "comments" feature can be abused to host malware. This vulnerability allows threat actors to upload malicious files to GitLab's CDN under the guise of legitimate projects, making them appear as if they are part of reputable repositories.

    Technical key findings

    The flaw stems from the ability to generate links to uploaded files in the comment section before saving or posting the comment. These files, although potentially never visible in a public comment, receive a CDN URL that remains accessible even if the comment is deleted.

    The format followed by such files uploaded to GitLab CDN is:
    https://gitlab.com/{project_group_name}/{repo_name}/uploads/{file_id}/{file_name}
    For videos and images, the files will be stored under the /assets/ path instead.

    Vulnerable products

    The vulnerability affects all versions of GitLab that include the "comments" feature with file upload capabilities.

    Impact assessment

    This vulnerability can be exploited to distribute malware by disguising malicious files as legitimate project files, potentially leading to widespread security breaches if these files are executed by unsuspecting users.

    Patches or workaround

    As of the latest updates, specific patches for this CDN flaw have not been detailed. Users are advised to remain vigilant about files downloaded from repository-related URLs and verify their authenticity.

    Tags

    #GitLab #CDNFlaw #MalwareDistribution #AuthenticationBypass #SecurityVulnerability
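The URL shape quoted in the post (a file attached through the comment box, served under `/uploads/` beneath a group and repository path) is something a defender can match on the receiving side: mail, chat or proxy logs can be scanned for links of that form, and the group/repository segment treated as untrusted rather than as proof that the file belongs to that project. The following Python is an added example written for this page; it is not code from the post, from GitLab or from either cited article. The character classes in the pattern, the list of risky extensions and the sample message are all constructed assumptions, and the `/assets/` variant the post mentions for images and video is not modelled because the post gives no exact format for it.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# URL shape the post quotes for files attached through GitLab's comment box:
#   https://gitlab.com/{project_group_name}/{repo_name}/uploads/{file_id}/{file_name}
# The character classes are an assumption; the post only names the placeholders.
GITLAB_UPLOAD_RE = re.compile(
    r"https?://gitlab\.com/"
    r"(?P<group>[\w.-]+(?:/[\w.-]+)*)/"       # group, possibly nested sub-groups
    r"(?P<repo>[\w.-]+)/"
    r"uploads/(?P<file_id>[A-Za-z0-9]+)/"
    r"(?P<file_name>[^\s\"'<>()\[\]]+)"
)

# File types that warrant a second look when they arrive via an upload URL
# rather than from the repository tree (constructed list, not from the post).
RISKY_EXTENSIONS = {
    "exe", "msi", "dll", "scr", "bat", "cmd", "ps1", "vbs", "js", "jar",
    "zip", "rar", "7z", "iso", "img", "lnk", "hta",
}


@dataclass(frozen=True)
class UploadLink:
    url: str
    group: str
    repo: str
    file_id: str
    file_name: str

    @property
    def extension(self) -> str:
        return self.file_name.rsplit(".", 1)[1].lower() if "." in self.file_name else ""


def _link_from_match(m: re.Match) -> UploadLink:
    raw_name = m.group("file_name")
    # Sentence punctuation glued to the end of a link is not part of the file name.
    name = raw_name.rstrip(".,;:!?")
    url = m.group(0)[: len(m.group(0)) - (len(raw_name) - len(name))]
    return UploadLink(url=url, group=m.group("group"), repo=m.group("repo"),
                      file_id=m.group("file_id"), file_name=name)


def parse_gitlab_upload_url(url: str) -> Optional[UploadLink]:
    """Return the parsed link if `url` has the upload shape, else None."""
    m = GITLAB_UPLOAD_RE.fullmatch(url.strip())
    return _link_from_match(m) if m else None


def find_upload_links(text: str) -> List[UploadLink]:
    """Every upload-shaped gitlab.com link found in a block of free text."""
    return [_link_from_match(m) for m in GITLAB_UPLOAD_RE.finditer(text)]


def is_suspicious(link: UploadLink) -> bool:
    return link.extension in RISKY_EXTENSIONS


def triage(text: str) -> List[str]:
    """One finding per risky link. The repository name in the path is not
    evidence that the file was ever committed to that repository."""
    findings = []
    for link in find_upload_links(text):
        if is_suspicious(link):
            findings.append(
                f"{link.url}: '{link.file_name}' is served from an upload path, "
                f"not from the {link.group}/{link.repo} repository tree; verify before use"
            )
    return findings


# Constructed sample message; the group, repository and file ids are placeholders.
SAMPLE_MESSAGE = """\
Hi team, the fixed build is attached to the issue thread:
https://gitlab.com/example-org/trusted-app/uploads/0123456789abcdef0123456789abcdef/trusted-app-setup.exe
Screenshot for reference: https://gitlab.com/example-org/trusted-app/uploads/fedcba9876543210fedcba9876543210/screenshot.png.
Docs live at https://gitlab.com/example-org/trusted-app/-/blob/main/README.md
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE_MESSAGE):
        print(finding)
```

Run against the sample, only the `.exe` link produces a finding; the screenshot link parses but is not flagged, and the ordinary `/-/blob/` repository link is ignored because it lacks the `/uploads/` segment. In a real deployment the same `find_upload_links` call can sit in a mail gateway or log pipeline, with `RISKY_EXTENSIONS` tuned to the environment.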