I-Apple Ibhekene Necala Eliyisola Ngokuhlola Izisebenzi, I-Solana Web3.js Library Ifakwe Ebucayini Ekuhlaselweni Kwe-Supply Chain: I-Cybersecurity Roundup
I-Apple Ibhekene Necala Eliyisola Ngokuhlola Abasebenzi
I-Apple izithole isiphakathi kwengxabano entsha, necala elimangalela ukuthi inkampani igada abasebenzi bayo. Icala, elifakwe enkantolo yaseCalifornia, lithi i-Apple idinga abasebenzi ukuthi bayifake isofthiwe kumishini yabo yomuntu siqu enikeza inkampani ukufinyelela kokuzwela Imininingwane, okufaka ama-imeyili, izithombe, nedatha yezempilo.
Ukwengeza, icala lithi i-Apple ibandlulula abesifazane, ibakhokhela imali engaphansi kozakwabo besilisa ezindimeni ezifanayo. Le nkampani iphinde isolwe ngokubeka imigomo evimbela abasebenzi ukuthi baxoxe ngezimo zokusebenza futhi bahlanganyele emisebenzini yokubikela abanye.
U-Apple uzichithile lezi zinsolo, wathi abasebenzi bathola ukuqeqeshwa minyaka yonke ngamalungelo abo nokuthi inkampani iyabuhlonipha ubumfihlo babo. Kodwa-ke, icala liphakamisa ukukhathazeka okukhulu mayelana nezinga izinkampani zobuchwepheshe eziqapha ngalo abasebenzi bazo kanye namandla umthelela kubumfihlo bomuntu ngamunye namalungelo abasebenzi.
Iqembu Le-Termite Ransomware Lifuna Isibopho Se-Blue Yonder Attack
Iqembu le-Termite ransomware lifune ngokusemthethweni ukuthi linesibopho sokuhlasela kwakamuva kwe-cyberattack eBlue Yonder. Lokhu kuhlasela, okwenzeka ngoNovemba 2023, kuphazamise izinsizakalo zabahlinzeki besoftware yokuphathwa kwe-supply chain, kwathinta amabhizinisi amaningi emhlabeni jikelele.
Igenge ye-ransomware kubikwa ukuthi yebe idatha engaphezu kuka-680GB kwaBlue Yonder, okuhlanganisa nemininingwane ebucayi efana nohlu lwama-imeyili nemibhalo yezezimali. Le datha entshontshiwe ingase isetshenziselwe ukuhlasela kwe-inthanethi okwengeziwe noma ithengiswe kuwebhu emnyama.
Lokhu kuhlasela kudale ukuphazamiseka okukhulu kumakhasimende akwaBlue Yonder, okuhlanganisa abathengisi abakhulu nabakhiqizi. Izinkampani ezifana ne-Starbucks, Morrisons, kanye ne-Sainbury's zibike izinselelo zokusebenza ngenxa yokucima.
Ilabhulali ye-Solana Web3.js Ifakwe Ebucayini Ekuhlaselweni Kwe-Supply Chain
Ukwephulwa kwezokuphepha okubalulekile kuthinte umtapo wezincwadi we-Solana web3.js odumile, ingxenye ebalulekile yokwakha izinhlelo zokusebenza ezihlukaniselwe indawo ku-Solana blockchain. Abadlali abanonya basebenzise i-akhawunti ye-npm engcupheni ukuze baphushe izinguqulo zelabhulali engcolile, okubenza bakwazi ukuntshontsha okhiye abayimfihlo konjiniyela abangaqaphile.
Ukwephulwa komthetho kudalwe ekuhlaselweni kobugebengu bokweba imininingwane ebucayi obuqondiswe kumnakekeli welabhulali, ukunikeza abahlaseli ukufinyelela kokushicilela izinguqulo ezikhohlakele. Uhlelo olungayilungele ikhompuyutha lusebenzise i-backdoor ukuze lukhiphe okhiye abayimfihlo ngokusebenzisa izihloko ezifihliwe ze-Cloudflare, kodwa izinguqulo ezinonya sezisusiwe, futhi iseva yomyalo nokulawula ayixhunyiwe ku-inthanethi. Lesi sigameko sithinte kakhulu amaphrojekthi aphatha okhiye abayimfihlo ababuyekezwe phakathi kukaDisemba 2-3, 2024, okuholele ezimpahleni ze-crypto ezebiwe ezibiza u-$164,100.
Lokhu kuhlasela kugqamisa ubunkimbinkimbi obukhulayo bokuhlaselwa kwe-supply chain kanye nokubaluleka kokugcina izinqubo zokuphepha eziqinile ku-open-source ecosystem. I-Solana Foundation ithathe izinyathelo zokubhekana nale nkinga futhi inxuse abathuthukisi ukuthi babuyekeze amaphrojekthi abo enguqulweni yakamuva, evikelekile yomtapo wolwazi. Kubalulekile futhi ukuqapha noma yimuphi omunye umsebenzi omubi futhi uqaphe mayelana nokuhlasela okungase kube khona esikhathini esizayo.
