A supply chain infection is where a hacker/cracker breaks into a vendor and places malicious code in software utilities or packages that other organizations use. Just like the SolarWinds Orion infection in early 2021, Codecov's Bash Uploader script was infected, as discovered this month, and the vendor is working diligently to get its customer base on a more secure footing, as shared below:


Codecov Releases New Detections for Supply Chain Compromise | CISA

Bash Uploader Security Update – Codecov

Codecov takes the security of its systems and data very seriously and we have implemented numerous safeguards to protect you. On Thursday, April 1, 2021, we learned that someone had gained unauthorized access to our Bash Uploader script and modified it without our permission. The actor gained access because of an error in Codecov’s Docker image creation process that allowed the actor to extract the credential required to modify our Bash Uploader script.

CISA is aware of a compromise of the Codecov software supply chain in which a malicious threat actor made unauthorized alterations of Codecov’s Bash Uploader script, beginning on January 31, 2021. Upon discovering the compromise on April 1, 2021, Codecov immediately remediated the affected script. On April 15, 2021, Codecov notified customers of the compromise and on April 29, 2021, Codecov released an update containing new detections. CISA urges all Codecov users to review the Codecov update and:

    • Search for the IOCs provided.
    • Log in to Codecov to see any additional information specific to their organization and repositories.
    • Affected users should immediately implement the guidance in the Recommended Actions for Affected Users and FAQ sections of Codecov’s update.
    • CISA recommends giving special attention to Codecov’s guidance on changing (“re-rolling”) potentially affected credentials, tokens, and keys.
    • CISA also recommends revoking and reissuing any potentially affected certificates.
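
One way to scope the re-rolling recommendation above, as an added example that is not code from Codecov or CISA: this Python script finds CI configuration files in a checked-out repository that invoke the Bash Uploader and lists the secrets those files reference. It assumes the uploader was fetched from `codecov.io/bash` at build time and that any secret referenced in such a file counts as potentially affected; the function names and sample configs are constructed for illustration.

```python
import re
from pathlib import Path

# Assumption: the uploader was fetched from codecov.io/bash at build time.
UPLOADER = re.compile(r"codecov\.io/bash\b")
GHA_SECRET = re.compile(r"\$\{\{\s*secrets\.([A-Za-z_]\w*)\s*\}\}")
SHELL_VAR = re.compile(r"\$\{?([A-Z][A-Z0-9_]{2,})\}?")
SENSITIVE = re.compile(r"TOKEN|KEY|SECRET|PASSWORD|PASSWD|CREDENTIAL")
CI_GLOBS = (".github/workflows/*.yml", ".github/workflows/*.yaml", ".travis.yml",
            ".circleci/config.yml", ".gitlab-ci.yml", "Jenkinsfile")

def audit_ci_config(name, text):
    """Return findings for one CI file, or None if it never calls the uploader."""
    lines = [n for n, line in enumerate(text.splitlines(), 1)
             if UPLOADER.search(line) and not line.lstrip().startswith("#")]
    if not lines:
        return None
    # Assumption: every secret the file references was reachable by the uploader.
    names = set(GHA_SECRET.findall(text))
    names |= {v for v in SHELL_VAR.findall(text) if SENSITIVE.search(v)}
    return {"file": name, "uploader_lines": lines, "reroll": sorted(names)}

def audit_repo(root):
    """Audit the usual CI config locations under a checked-out repository."""
    root = Path(root)
    found = []
    for pattern in CI_GLOBS:
        for path in sorted(root.glob(pattern)):
            rel = path.relative_to(root).as_posix()
            result = audit_ci_config(rel, path.read_text(errors="replace"))
            if result:
                found.append(result)
    return found

# Constructed sample inputs (not taken from any real repository).
SAMPLE_AFFECTED = """\
env:
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
steps:
  - run: make test
  - run: bash <(curl -s https://codecov.io/bash) -t $CODECOV_TOKEN
  - run: ./deploy.sh "$DEPLOY_KEY"
"""
SAMPLE_CLEAN = "steps:\n  - run: make test\n  # bash <(curl -s https://codecov.io/bash)\n"

if __name__ == "__main__":
    print(audit_ci_config("ci.yml", SAMPLE_AFFECTED))
    print(audit_ci_config("clean.yml", SAMPLE_CLEAN))
```

The `reroll` list is a starting inventory only: secrets injected by the CI provider's settings rather than named in the file will not appear and still need review.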

By admin