3rd Party Archive
GitHub Account of Canonical (Ubuntu Maker) Hacked; Cyber Risk & Third-Party Code-Sharing Sites

GitHub Account of Canonical (Ubuntu Maker) Hacked; Cyber Risk & Third-Party Code-Sharing Sites

A third-party code sharing site was part of the latest breach. On July 6, the GitHub account of Canonical Ltd was hacked. Canonical is well-known for developing the famous Ubuntu Linux Distribution. The accounts on third-party code-sharing sites like GitHub may reveal critical information to adversaries when they are hacked. In a public announcement, Ubuntu […]

Major Third-party Breaches Revealed in May 2019

A recent survey conducted by Ponemon Institute reveals that 59% of companies have experienced a third-party breach in 2018, which is an increase of 3% compared to the previous year. Data breaches caused by third parties cost millions of dollars to large companies. Third-parties include broad range of companies a company directly worked with such […]
Magecart attackers

An Attack on 3rd-Party Advertising Company Increased Cyber Risk of European E-Commerce Sites

A malicious code injected to a third-party Javascript of an advertising agency targets credit card information of online shoppers at European-based e-commerce sites. Many websites leverage Javascripts to track their visitors, collect analytics, etc. So, use of a Javascript library of an advertising agency is not uncommon. External Javascripts that run at your website pose […]
Third-party attack on cryptocurrency exchange

Third-Party Attack on Cryptocurrency Exchange Gate.io

One of the largest cryptocurrency exchange, gate.io, was targeted by a third-party, aka supply-chain attack. The attackers inserted a malicious code to a Web Analytics tool, called StatCounter, to steal bitcoins from gate.io. A sophisticated attack with one goal; BTC theft As the latest ESET research reveals thedetails on the attack, we see that it […]
Your ecosystem

British Airways Breach: Is it a third-party attack?

British Airways (BA) announced that 380,000 customer records containing credit card details had been taken during the cyber attack executed between 21 August and 5 September. As one of the major data breach in 2018, the cyber attack, though still fresh, has been speculated by many respectful cyber security researchers about  the cause of the […]
Risk Management

3rd Party Risk Management

3rd Party Risk Management; Many organizations have been talking about the third-party risk management for years and it is becoming more complex every day and attracting a lot of attention from the regulators. Most organizations have direct and/or indirect spendings on multiple vendors across the globe that make risk management more complex due to dealing with […]