Seems that the developer account that the crooks breached last time gave indirect access to customer data this time round.
Read moreLastPass Discloses Second Breach in Three Months
December 2 2022The threat actor behind an August intrusion used data from that incident to access customer data stored with a third-party cloud service provider, and affiliate GoTo reports breach of...
Read moreA vulnerability discovered in GitHub Actions could allow an attacker to poison a developer's pipeline, highlighting the risk that insecure software pipelines pose.
Read moreOne Year After Log4Shell, Most Firms Are Still Exposed to Attack
December 2 2022Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters of organizations remain exposed to it.
Read moreConnectWise Quietly Patches Flaw That Helps Phishers
December 2 2022ConnectWise, a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take...
Read moreLatest episode - listen now (or read if you prefer)...
Read moreLatest episode - listen now (or read if you prefer)...
Read moreThe CHRISTMA EXEC network worm – 35 years and counting!
December 2 2022"Uh-oh, this viruses-and-worms scene could turn out quite troublesome." If only we'd been wrong...
Read moreThe CHRISTMA EXEC network worm – 35 years and counting!
December 2 2022"Uh-oh, this viruses-and-worms scene could turn out quite troublesome." If only we'd been wrong...
Read moreIBM Cloud Supply Chain Vulnerability Showcases New Threat Class
December 1 2022The Hell's Keychain attack vector highlights common cloud misconfigurations and secrets exposure that can pose grave risk to enterprise customers.
Read more
Recent Comments