Click Studios, maker of the Passwordstate enterprise password manager, has notified customers that attackers breached its networks and compromised the app's update mechanism to deliver malware in a supply-chain attack. A security researcher notes that Click Studios' notification email to customers states that malicious upgrades were potentially downloaded by customers between April 20 and April 22. Users are warned to reset their passwords.

2 Expert Comments
Baber Amin, COO
InfoSec Expert
April 27, 2021 3:19 pm

Have password? Get hacked. The fact is that in authentication, zero passwords = increased security.

Supply chain attacks are prime targets because they offer a multiplier effect. Passwords and other static knowledge-based verification methods are archaic, but it is hard to get rid of them completely. The goal that all organizations should be going for is to reduce their password related threat surface or footprint with a modern passwordless approach combined with biometrics and device+user behavior and bio-mechanic analysis approach. It's key to focus on creating a strong binding between a user, their behavior, and the user agent in order to create an enhanced security and user experience.

Tom Garrubba, Senior Director and CISO
InfoSec Expert
April 27, 2021 3:21 pm

Attacks on payload distribution mechanisms are starting to become more commonplace despite the difficulty in executing such an attack (the recent SolarWinds breach is another great example of such an attack). These kinds of threat actors appear much more predatory by showing greater patience in planning, penetrating their target, and then shadowing and studying the target's internal machinations – in this case, their code promotion to customers. By identifying Click Studios' flaws then waiting precisely for the right moment to roll out their malicious code, the threat actor ensured maximum distribution.

Vendors are not only encouraged to continuously evaluate and monitor their networking and systems controls – including those which promote code updates – but also to evaluate the security around their entire code promotion practices up to and including their distribution methods. Outsourcers are strongly encouraged to have a discussion and to even gain evidence that their vendors are practicing good cyber hygiene including code promotion and distribution.
