I have just written about this supply chain cyber attack: Developer software repositories will always be a prime target for threat actors – Smart Thinking Solutions And here is another phishing attack hunting for the unwary who will reveal their credentials: DoorDash customer info exposed in Oktapus phishing attack • …
Software repositories are a target for threat actors
If you, as a threat actor, could embed your malware into a software module, that is then used by many innocent and unaware software developers in their packages, they release to the general public, wouldn’t you? That looks like a lot of infected machines for a small amount of work. …
Continue reading “Software repositories are a target for threat actors”
Ransomware this week… with an international flavour and some advice.
Here are some of the leading ransomware stories this week: Greek natural gas operator suffers ransomware-related data breach – Bleeping Computers LockBit ransomware group implicated in crippling attack on French hospital – The Record by Recorded Future New ‘Donut Leaks’ extortion gang linked to recent ransomware attacks (bleepingcomputer.com) RansomEXX claims …
Continue reading “Ransomware this week… with an international flavour and some advice.”
Pass the cookie attack – but you still need to use MFA and have these extra steps in place
We cannot emphasise how important multi-factor authentication is to your cyber security – however, of course, the threat actors do have ways around it: Cookie stealing: the new perimeter bypass – Sophos News The threat is malware getting into your system and stealing session cookies that are associated with the …
I do not use the Apple iOS VPN and here’s why… Written whilst on holiday using a VPN.
When I use a VPN, I do it because I want my communications across the internet to be private. Apple iOS VPN is not private enough: Two years on, Apple iOS VPNs still leak IP addresses • The Register I always use a VPN when I suspect the internet connection …