Cybersecurity Starts in the Boardroom
Dropbox has admitted that 130 of its confidential private GitHub repositories were coped by a threat actor. Among the haul were secret APUI codes. They do reassure users that no user content, usernames or passwords were stolen. Well of course not. That is not the issue. Why bother stealing those …
Here is a report from Bleeping Computers, looking at a data wiper malware attack that includes obvious clues pointing at well-known security researchers and Bleeping Computers claiming they are behind the operation (the author of the article was also included!). The destructive malware, Azov Ransomware is being distributed using pirated …
Continue reading “…and put the blame on cyber security researchers”
Whilst I have been away CISA has continued issuing useful advice. It added a Google Chromium vulnerability to the Known Exploited Vulnerabilities Catalog. Google Chromium is an open–source browser project and is behind many widely used browsers including Google Chrome and Microsoft Edge. CISA Has Added One Known Exploited Vulnerability …
It is not really a surprise, with the exponential rise in home shopping and deliveries because of the pandemic, that the delivery service DHL is the most impersonated organisation when it comes to cyber attacks: DHL named most-spoofed brand in phishing • The Register Microsoft and LinkedIN are close behind. …
Continue reading “What are the most spoofed brands in social engineering/phishing attacks?”
There is a particularly nasty exploit going around the will according to an article on Ars Technica, install a “witch’s brew of malware” on vulnerable systems: VMware bug with 9.8 severity rating exploited to install witch’s brew of malware | Ars Technica The patch for CVE-2022-22954 is out, just get it …
