Security
Headlines
HeadlinesLatestCVEs

Source

Threatpost

Podcast: The State of the Secret Sprawl

In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and more, as well as ways that developers can keep their code safe.

Threatpost
#mac#git#auth
USB-based Wormable Malware Targets Windows Installer

Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands.

CANs Reinvent LANs for an All-Local World

A close look at a new type of network, known as a Cloud Area Network.

VHD Ransomware Linked to North Korea’s Lazarus Group

Source code and Bitcoin transactions point to the malware, which emerged in March 2020, being the work of APT38, researchers at Trellix said.

China-linked APT Caught Pilfering Treasure Trove of IP

A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data.

Attackers Use Event Logs to Hide Fileless Malware

A sophisticated campaign utilizes a novel anti-detection method.

Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk

A flaw in all versions of the popular C standard libraries uClibe and uClibe-ng can allow for DNS poisoning attacks against target devices.

Mozilla: Lack of Security Protections in Mental-Health Apps Is ‘Creepy’

Popular apps to support people’s psychological and spiritual well-being can harm them by sharing their personal and sensitive data with third parties, among other privacy offenses.

Bad Actors Are Maximizing Remote Everything

Aamir Lakhani, global security strategist and researcher at FortiGuard Labs, zeroes in on how adversaries are targeting 'remote everything'.