ACM.102 Ensuring only authorized IP addresses can access your private GitHub repositories This is a continuation of my series on Automating Cybersecurity Metrics. My last post explained how you can restrict SSH access on your local network to only authorized IP addresses. Local Firewall Rules to Connect to an AWS EIP via SSH Specifically, we […]
Cyber News, Cyber Threat Trends
Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers’ machines with a malware called W4SP Stealer. “The main attack seems to have started around October 12, 2022, slowly picking up steam to a concentrated effort around October 22,” […]
Cyber News, Cyber Threat Trends
Microsoft is warning of an uptick in the nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has “observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability,” making it imperative that
Cyber News, Cyber Threat TrendsIn 1878, a 55-foot-long giant squid washed up on the shores of Glover’s Harbour, Newfoundland. It’s the largest giant squid ever recorded—although scientists now think that the size was an exaggeration or the result of postmortem stretching—and there’s a full-sized statue of it near the beach where it was found. As usual, you can also […]
Cyber News, Cyber Threat Trends
Vulnerability management vendor Qualys this week announced the trial availability of its TotalCloud with FlexScan offering, an agentless, cloud-native vulnerability detection and response platform designed for use in multicloud and hybrid environments. The software is designed to provide a holistic overview of an organization’s cloud-based workloads and identify known vulnerabilities. The system also scans workloads […]
Cyber News, Cyber Threat Trends
Responding to a recent surge in AI-generated bot accounts, LinkedIn is rolling out new features that it hopes will help users make more informed decisions about with whom they choose to connect. Many LinkedIn profiles now display a creation date, and the company is expanding its domain validation offering, which allows users to publicly confirm […]
Cyber News, Cyber Threat Trends
That was the week that was…
Cyber News, Cyber Threat TrendsThe hacker behind a tool used by Black Basta had access to the source code used by FIN7
Cyber News, Cyber Threat Trends
The ongoing Russia-Ukraine conflict has resulted in an increase in hacktivist activity in the past year, with state-sponsored threat actors targeting 128 governmental organizations in 42 countries that support Ukraine, according to the European Union Agency for Cybersecurity (ENISA). In addition, some threat actors targeted Ukrainian and Russian entities during the early days of the […]
Cyber News, Cyber Threat Trends