Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

White House Guidance Recommends SBOMs for Federal Agencies

New executive order stops short of mandating NIST's guidelines, but recommends SBOMs for federal agencies across government.

DARKReading
#vulnerability#ios
How to Use SSH Keys and 1Password to Sign Git Commits

This Tech Tip walks through the steps to set up signed commits with SSH keys stored in 1Password.

SparklingGoblin Updates Linux Version of SideWalk Backdoor in Ongoing Cyber Campaign

Researchers link the APT to an attack on a Hong Kong university, which compromised multiple key servers using advanced Linux malware.

To Ease the Cybersecurity Worker Shortage, Broaden the Candidate Pipeline

With enough passion, intelligence, and effort, anyone can be a successful cybersecurity professional, regardless of education or background.

Cyberattacks Are Now Increasingly Hands-On, Break Out More Quickly

Interactive intrusion campaigns jumped nearly 50%, while the breakout time between initial access and lateral movement shrank to less than 90 minutes, putting pressure on defenders to react quickly.

TeamTNT Hits Docker Containers via 150K Malicious Cloud Image Pulls

Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says.

Key Takeaways From the Twitter Whistleblower's Testimony

Twitter did not know what data it had or who had access to it, Peiter "Mudge" Zatko told Congressional lawmakers during a Senate panel hearing.

Bishop Fox Releases Cloud Enumeration Tool CloudFox

CloudFox is a command-line tool that helps penetration testers understand unknown cloud environments.

Microsoft Quashes Actively Exploited Zero-Day, Wormable Critical Bugs

In Microsoft's lightest Patch Tuesday update of the year so far, several security vulnerabilities stand out as must-patch, researchers warn.

U-Haul Customer Contract Search Tool Compromised

Password compromise led to unauthorized access to a customer contract search tool over a five-month window, according to the company.