We have many clients who have their own software or have custom software on their website or web apps written for them by developers. These developers may or may not reuse code or modules written by third party developers and sourced through a software repository – such as GitHub or …
Two stories about GitHub
GitHub is a code development environment and code repository used around the world by many software developers and well known applications. Consequently it is also a prime target for threat actors who if they can get inside the development of packages can infect many unsuspecting users. The collaboration tool Slack …
Where the hackers sell your personal information and who buys it
The hackers have the motivation to steal your personal data and credentials as it is very easy for them to monetise these types of attacks. The threat actors have their own supply chains buried within webs of security and obfuscation. The hackers will steal the personal information, using a suite …
Continue reading “Where the hackers sell your personal information and who buys it”
Suffolk Police apologies after publishing highly sensitive information on its website – UPDATED
This post was originally made on 16 November 2022 Update 25 November 2022 There is no good news for the Suffolk Police force in this follow-up report, only bad news for the victims. Suffolk Constabulary first published sex offence victims’ data in 2019 – BBC News Original Post Names, addresses …
The supply chain is complicated – which is why it is vulnerable to exploitation
Bruse Schneier has an interesting article out today, describing how a Russian company that produces code that is included in thousands of smartphone apps, both iOS and Android, masquerades as an US company. Russian Software Company Pretending to Be American – Schneier on Security There is no suggestion of wrong …
Continue reading “The supply chain is complicated – which is why it is vulnerable to exploitation”