The story normally is “hackers place malicious code into legitimate projects on software repository”. This is a favourite threat actor tactic as it can infect many users, when software developers, unintentional, distribute the malicious code with their projects. Code Risk This story however is how threat actors are using these …
Email phishing needs bait… (pt 5)
We looked at some of the most common types of email phishing attacks in the last part of this Back-to-Basics mini-series and I had promised you today an article on “size matters”, but I have changed my mind. Every day I read up on the latest threats and developments in …
Ahead of Microsoft’s Patch Tuesday – Apple Patches
You need to check these have been done on any iOS or macOS device that handles your organisation’s sensitive data. Johannes Ullrich on SANS INternet Storm Centre has an excellent summary of the updates: Apple Patches Everything: macOS, iOS, iPadOS, watchOS, tvOS updated. – SANS Internet Storm Center Auto-updates are …
Continue reading “Ahead of Microsoft’s Patch Tuesday – Apple Patches”
When hardware reaches EOL
EOL – End of Life. With hardware this can mean that when the iPhone is dropped down the toilet or the laptop is dropped down the stairs, they have reached the end of their service life. But usually it is something more subtle – hardware reaches EOL when vendors stop …
New ways to steal your credentials
The threat actors do not stand still when it comes to cyber-attacks, they are constantly evolving new attack vectors as we start to understand and combat the current ones. Keeping up with these changes, especially when it comes to phishing emails – which is one of the most common ways …