We have clients who use the popular VNC Â (Virtual Network Computing)Â service to access computers – all of them implement our security policy. Do you have a security policy that covers this type of software and access? Over 9,000 VNC servers exposed online without a password (bleepingcomputer.com)
Malicious software
Software depositories are a prime target for threat actors, especially those offering modules that other developers include in their software. Here is an attack aimed at a Python repository: Malicious PyPi packages aim DDoS attacks at Counter-Strike servers (bleepingcomputer.com) How secure is open source software? Do you use open source …
You can change suppliers if they have poor cyber security
Mailchimp may be one of the largest email marketing companies out there, but there are others with better cyber security records. Digital Ocean dumps Mailchimp after security breach • The Register
Check your Mac – the security may be broken
You will need to read the article by Matt Burgess, over on Wired UK, to find out if this impact you. A Single Flaw Broke Every Layer of Security in MacOS | WIRED UK
Microsoft takes action to disrupt ongoing persistent phishing and credential theft campaigns
Microsoft’s Threat Intelligence Centre (MSTIC) has shared an article outlining how the actions they have undertaken to disrupt the Russian threat actor, SEABORGIUM, phishing and credential theft campaigns. Disrupting SEABORGIUM’s ongoing phishing operations – Microsoft Security Blog
