A vulnerability discovered in GitHub Actions could allow an attacker to poison a developer's pipeline, highlighting the risk that insecure software pipelines pose.
Read moreOne Year After Log4Shell, Most Firms Are Still Exposed to Attack
December 2 2022Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters of organizations remain exposed to it.
Read moreConnectWise Quietly Patches Flaw That Helps Phishers
December 2 2022ConnectWise, a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take...
Read moreLatest episode - listen now (or read if you prefer)...
Read moreLatest episode - listen now (or read if you prefer)...
Read moreThe CHRISTMA EXEC network worm – 35 years and counting!
December 2 2022"Uh-oh, this viruses-and-worms scene could turn out quite troublesome." If only we'd been wrong...
Read moreThe CHRISTMA EXEC network worm – 35 years and counting!
December 2 2022"Uh-oh, this viruses-and-worms scene could turn out quite troublesome." If only we'd been wrong...
Read moreIBM Cloud Supply Chain Vulnerability Showcases New Threat Class
December 1 2022The Hell's Keychain attack vector highlights common cloud misconfigurations and secrets exposure that can pose grave risk to enterprise customers.
Read moreSirius XM Software Vulnerability
December 1 2022This is new:
Newly revealed research shows that a number of major car brands, including Honda, Nissan, Infiniti, and Acura, were affected by a previously undisclosed security bug...
Read more
Of Exploits and Experts: The Professionalization of Cybercrime
December 1 2022No longer the realm of lone wolves, the world of cybercrime is increasingly strategic, commoditized, and collaborative.
Read more
Recent Comments