Blog

That massive GitHub supply chain attack? It all started with a stolen SpotBugs token

But this mystery isn't over yet, Unit 42 opines

That massive GitHub supply chain attack that spilled secrets from countless projects? It traces back to a stolen token from a SpotBugs workflow - exposed way back in November, months earlier than previously suspected.…

Alleged Scattered Spider SIM-swapper must pay back $13.2M to 59 victims

Crummy OPSEC leads to potentially decades in prison

Noah Michael Urban, 20, of alleged Scattered Spider infamy, has pleaded guilty to various charges and potentially faces decades in prison.…

Chrome to patch decades-old flaw that let sites peek at your history

After 23 years, the privacy plumber has finally arrived to clean up this mess

A 23-year-old side-channel attack for spying on people's web browsing histories will get shut down in the forthcoming Chrome 136, released last Thursday to the Chrome beta channel.…

UK’s attempt to keep details of Apple ‘backdoor’ case secret… denied

Last month's secret hearing comes to light

Details of Apple's appeal against the UK's so-called "backdoor order" will now play out in public after the Home Office failed in its bid to keep them secret on national security grounds.…

What native cloud security tools won’t catch

Native tools help, but they don’t cover everything - here’s what they miss and how to close the gaps

Partner Content: AWS provides a number of security services, such as GuardDuty, Inspector, Config, and Security Hub, designed to protect your cloud environment.…

Trump fires NSA boss, deputy

'Nonpartisan' intelligence chief booted less than two years into the job

President Trump yesterday fired the head of the NSA and US Cyber Command and his deputy.…

30 minutes to pwn town: Are speedy responses more important than backups for recovery?

The industry’s approach to keeping quality backups may be masking the importance of other recovery mainstays

Maintaining good-quality backups is often seen as the spine of any organization's ability to recover from cyberattacks quickly. Naturally, given the emphasis placed on them by experts of all stripes, you'd be…

Alan Turing Institute: UK can’t handle a fight against AI-enabled crims

Law enforcement facing huge gap in 'AI adoption'

The National Crime Agency (NCA) will "closely examine" the recommendations made by the Alan Turing Institute after it claimed the UK was ill-equipped to tackle AI-enabled crime.…

Ex-ASML, NXP staffer accused of stealing chip secrets, peddling them to Moscow

We're not Putin up with this alleged industrial espionage, say the Dutch

A Russian national appeared in a Netherlands court on Thursday accused of industrial espionage against ASML, the world’s leading manufacturer of chip factory equipment and a key supplier that helps the likes of TSMC pump out…

Retirement funds reportedly raided after unexplained portal probes and data theft

Australians checking their pensions are melting down call centers and websites

Australian retirement fund operators are scrambling after reports emerged of unauthorized access to customer accounts leading to theft of cash.…
