Security
Headlines
HeadlinesLatestCVEs

Source

Threatpost

Deep Dive: Protecting Against Container Threats in the Cloud

A deep dive into securing containerized environments and understanding how they present unique security challenges.

Threatpost
#vulnerability#web#mac#windows#microsoft#amazon#red_hat#dos#kubernetes#backdoor#botnet#auth#ssh#zero_day#docker
Security Turbulence in the Cloud: Survey Says…

Exclusive Threatpost research examines organizations’ top cloud security concerns, attitudes towards zero-trust and DevSecOps.

Cyberespionage APT Now Identified as Three Separate Actors

The threat group known as TA410 that wields the sophisticated FlowCloud RAT actually has three subgroups operating globally, each with their own toolsets and targets.

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

GitHub shared the timeline of breaches in April 2022, this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of organizations.

Cyberattacks Rage in Ukraine, Support Military Operations

At least five APTs are believed involved with attacks tied ground campaigns and designed to damage Ukraine's digital infrastructure.

Emotet is Back From ‘Spring Break’ With New Nasty Tricks

The Botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default.

Millions of Java Apps Remain Vulnerable to Log4Shell

Four months after the critical flaw was discovered, attackers have a massive attack surface from which they can exploit the flaw and take over systems, researchers found.

Firms Push for CVE-Like Cloud Bug System

Researchers propose fresh approaches to cloud-security bugs and mitigating exposure, impact and risk.

Nation-state Hackers Target Journalists with Goldbackdoor Malware

A campaign by APT37 used a sophisticated malware to steal information about sources , which appears to be a successor to Bluelight.

Lapsus$ Hackers Target T-Mobile

No government and customer data was accessed.