I have written before about how good “bug bounties” are for improving everyone’s cyber security, rewarding the white hat hackers and researchers for their work. The Open Source Software Vulnerability Rewards Program (OSS VRP) Now Google has launched a bug bounty program that rewards the ethical technologists for finding and …
Maybe this attack may not target my readers, but you never know?
The is active attack running on the internet at the moment targeting the CEOs and CFOs of some of the biggest companies around. These threat actors are not looking for targets of opportunity, for the work they put in they only want targets that can return millions of Pounds or …
Continue reading “Maybe this attack may not target my readers, but you never know?”
And here is another phishing attack story – have you visited CyberAwake.co.uk yet?
I have just written about this supply chain cyber attack: Developer software repositories will always be a prime target for threat actors – Smart Thinking Solutions And here is another phishing attack hunting for the unwary who will reveal their credentials: DoorDash customer info exposed in Oktapus phishing attack • …
Software repositories are a target for threat actors
If you, as a threat actor, could embed your malware into a software module, that is then used by many innocent and unaware software developers in their packages, they release to the general public, wouldn’t you? That looks like a lot of infected machines for a small amount of work. …
Continue reading “Software repositories are a target for threat actors”
Credential theft – where the threat actors start and some advice
Collecting (stealing) credentials is a favourite pastime of threat actors – either to break into accounts directly or to add them to their credential stuffing attacks (looking for those people who reuse passwords) or just to sell on the dark web! Here they are doing it to users of the …
Continue reading “Credential theft – where the threat actors start and some advice”
