Interesting article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code: Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of 450,000 projects submitted to PyPI, the official code repository for the Python programming language. Nearly 3,000 projects contained […]
Cyber News
The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes courtesy of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). “Observed as a ransomware-as-a-service (RaaS) model, Rhysida actors have compromised […]
Cyber NewsWithSecure report highlights widespread code reuse
Cyber News, Cyber Threat TrendsExecutive summary Multifactor authentication, or MFA, provides users with an added layer of security when logging into web applications. Surpassing its predecessor, two-factor authentication, in 2023, MFA is a standard option for another layer of security for online accounts. . In May 2022, the Cybersecurity & Infrastructure Security Agency (CISA) published security advisory AA22-074A describing how […]
Cyber News, Cyber Threat Trends
A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks. “Starting from a single compromised machine, threat actors could progress in several ways: they could move to other cloned machines with […]
Cyber News
Russian threat actors have been possibly linked to what’s been described as the “largest cyber attack against Danish critical infrastructure,” in which 22 companies associated with the operation of the country’s energy sector were targeted in May 2023. “22 simultaneous, successful cyberattacks against Danish critical infrastructure are not commonplace,” Denmark’s SektorCERT said [PDF]. “The attackers […]
Cyber NewsWho’s more incompetent – the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Cyber News, Cyber Threat Trends
While the veteran unemployment rate may be at a historic low, the transition from the military to civilian life isn’t without its challenges. For starters, ex-military members often need help translating their skills gained in the armed forces to non-military roles, and many need to become more familiar with the wide variety of civilian career path […]
Cyber News, Cyber Threat Trends
Who’s more incompetent – the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult […]
Cyber News