Month: January 2023

Vulnerabilities

Issued by: CSO Online

Attackers could start abusing GitHub Codespaces, a new service that allows developers to create and test applications inside development containers running on GitHub’s servers. Developers can make their applications accessible via public GitHub URLs for preview by others, a functionality that can be abused to distribute malware payloads in a stealthy way. “If the application…

Network Security

Issued by: DataBreach Today

Since executive Elon Musk became CEO of Twitter, the big issue affecting the future of that social media platform is also one of the most significant assets in the digital business world: trust. Between Oct. 27 and Nov. 1, 2022, nearly 900,000 Twitter users deactivated their accounts. That’s more than double the usual average of…

Malware & Threats

Issued by: DataBreach Today

What’s the term for when a ransomware group blames a geopolitically awkward attack it appears to have carried out on someone – anyone – else, just not them? Let’s call it getting “Colonial Pipelined,” after the DarkSide group’s disastrous hit on that oil pipeline system led the crime group to kill its brand. Is the…

Application Security

Issued by: Dark Reading

Norton LifeLock customers have fallen victim to a credential-stuffing attack. Cyberattackers used a third-party list of stolen username and password combinations to attempt to break into Norton accounts, and possibly password managers, the company is warning. Gen Digital, owner of the LifeLock brand, is sending data-breach notifications to customers, noting that it picked up on…

Software Security

Issued by: Dark Reading

The intricate labyrinth of open source dependencies across the global software supply chain has created an application security puzzle of mammoth proportions. Whether open source or closed, most of the world’s software today is built on third-party components and libraries. Consequently, one piece of vulnerable code in even the smallest of open source projects can…

Network Security

Issued by: Dark Reading

Darktrace, a global leader in cyber security artificial intelligence, today released three new cyber-threat trend reports revealing 2022 attack data observed across its global customer fleet.1 The industry reports pertain to the energy, healthcare, and retail sectors respectively. “These industry-specific reports are the first of their kind released by Darktrace, representing an important effort to…

Network Security

Issued by: DataBreach Today

Let’s face it – although small to medium enterprises – SMEs – do not have the security resources larger enterprise possess, they face the same risks. Building a comprehensive, cohesive, effective security tech stack is extremely difficult, especially when operating with a limited budget and resources. So how can SMEs achieve enterprise-grade cybersecurity to protect…

Network Security

Issued by: Dark Reading

Cerberus Sentinel (NASDAQ: CISO), an industry leader as a managed cybersecurity and compliance provider, based in Scottsdale, Ariz., announced that it has signed a definitive agreement for the acquisition of RAN Security, a cybersecurity company with headquarters in Buenos Aires, Argentina, and offices in Chile, Peru, Bolivia, and Paraguay. Under the terms of the agreement,…