Retailer Database Error Leaks Over One Million Customer Records
SimpleTire snafu has now been remediated
Cyber News, Cyber Threat TrendsFriday Squid Blogging: Online Cephalopod Course
Atlas Obscura has a five-part online course on cephalopods, taught by squid biologist Dr. Sarah McAnulty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Cyber News, Cyber Threat Trends
- May 29, 2023
Time to challenge yourself in the 2023 Google CTF!
Vincent Winstead, Technical Program Manager It’s Google CTF time! Get your hacking toolbox ready and prepare your caffeine for rapid intake. The competition kicks off on June 23 2023 6:00 PM UTC and runs through June 25 2023 6:00 PM UTC. Registration is now open at g.co/ctf. Google CTF gives you a chance to challenge […]
Cyber News, Cyber Threat Trends
- May 29, 2023
Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier CVE-2023-28131, has a severity rating of 9.6 on the CVSS scoring system. API security firm Salt Labs said the issue rendered services using the framework susceptible to credential leakage, which could
Cyber News, Cyber Threat Trends
- May 29, 2023
New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. “It has the potential to expand to other platforms as Bandit Stealer was developed using the Go programming language, possibly allowing cross-platform compatibility,” Trend Micro said in a Friday report
Cyber News, Cyber Threat Trends
- May 29, 2023
AWS Control Tower role added to my AWS KMS Key??
99% sure I did not make this policy change Continue reading on Bugs That Bite »
Cyber News, Cyber Threat Trends
- May 29, 2023
PyPI Implements Mandatory Two-Factor Authentication for Project Owners
The Python Package Index (PyPI) announced last week that every account that maintains a project on the official third-party software repository will be required to turn on two-factor authentication (2FA) by the end of the year. “Between now and the end of the year, PyPI will begin gating access to certain site functionality based on […]
Cyber News, Cyber Threat Trends
- May 29, 2023
Don’t Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims
A new phishing technique called “file archiver in the browser” can be leveraged to “emulate” a file archiver software in a web browser when a victim visits a .ZIP domain. “With this phishing attack, you simulate a file archiver software (e.g., WinRAR) in the browser and use a .zip domain to make it appear more […]
Cyber News, Cyber Threat TrendsFriday Squid Blogging: Online Cephalopod Course
Atlas Obscura has a five-part online course on cephalopods, taught by squid biologist Dr. Sarah McAnulty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Cyber News, Cyber Threat Trends