The story normally is “hackers place malicious code into legitimate projects on software repository”. This is a favourite threat actor tactic as it can infect many users, when software developers, unintentional, distribute the malicious code with their projects. Code Risk This story however is how threat actors are using these …
How much internet traffic is malicious?
Cloudflare, a company best known for protecting clients from various flavours of denial of service attacks, has done the research and calculated that 6.8% of all internet traffic is out to get you. This is an increase of last year’s findings. Application Security report: 2024 update – Cloudflare Cloudflare believes …
Why modern software does not help with the cyber threat
Modern software often offers extra features through the use of code extensions such as using Python or in the case of Microsoft the macro. We all love the extra functionality – threat actors like the way this functionality allows them to slip malicious code through our defences to us. Microsoft …
Continue reading “Why modern software does not help with the cyber threat”
Two stories about GitHub
GitHub is a code development environment and code repository used around the world by many software developers and well known applications. Consequently it is also a prime target for threat actors who if they can get inside the development of packages can infect many unsuspecting users. The collaboration tool Slack …
Windows 11 automation tools open to abuse
Automating tasks on a computer used to be hard, but today it is very easy with a range of drag and drop tools available. Obviously the Power Automate included into Microsoft’s Windows 11 will be among the most popular – I know I use it. Now researchers at Zenity have …
Continue reading “Windows 11 automation tools open to abuse”