- — 2 Lenses for Examining the Safety of Open Source Software
![[*]](img/ib-star_nm.png "mark favorite")
![[+]](img/ib-marked_nm.png "mark as new")
![[-]](img/ib-markold_nm.png "mark older as read")
![[x]](img/ib-delete_nm.png "delete article")
![[A+]](img/ib-fontbg_nm.png "larger font")
![[a-]](img/ib-fontsm_nm.png "smaller font")
![[l]](img/ib-link_nm.png "direct link")
at 5/26/23 3:03pmImproving the security of open source repositories and keeping malicious components out requires a combination of technology and people.- — 130K+ Patients' Social Security Numbers Leaked in UHS of Delaware Data Breach
- at 5/26/23 1:47pmNo more information available.
- — Tesla Whistleblower Leaks 100GB of Data, Revealing Safety Complaints
- at 5/26/23 11:32amInformants have released data that includes thousands of safety complaints the company has received about its self-driving capability, as well as sensitive information regarding current and past employees.
- — Travel-Themed Phishing, BEC Campaigns Get Smarter as Summer Season Arrives
- at 5/26/23 10:45amPhishing campaigns targeting travelers have evolved from simple, easy-to-spot fraud attempts to highly sophisticated operations.
- — How Safe Is Your Wearable Device?
- at 5/26/23 8:00amTo mitigate risk, both developers and users must include security principles and technologies as core foundations in new devices.
- — Russia's War in Ukraine Shows Cyberattacks Can Be War Crimes
- at 5/25/23 6:15pmUkraine's head of cybersecurity Victor Zhora says the world needs "efficient legal instruments to confront cyber terrorism."
- — 'Volt Typhoon' Breaks Fresh Ground for China-Backed Cyber Campaigns
- at 5/25/23 3:53pmThis is the first incident where a threat actor from the country appears to be laying the groundwork for disruptive attacks in the future, researchers say.
- — Red Hat Tackles Software Supply Chain Security
- at 5/25/23 3:50pmThe new Red Hat Trusted Software Supply Chain services help developers take a secure-by-design approach to build, deploy, and monitor software.
- — CosmicEnergy Malware Emerges, Capable of Electric Grid Shutdown
- at 5/25/23 3:30pmRussian code that could tamper with industrial machines and toggle RTUs on and off was floating around VirusTotal for years before being noticed. It raises new questions about the state of OT security.
- — Lazarus Group Striking Vulnerable Windows IIS Web Servers
- at 5/25/23 3:18pmThe infamous North Korean APT group is using Log4Shell, the 3CX supply chain attack, and other known vectors to breach Microsoft Web servers.
- — Netflix's Password-Sharing Ban Offers Security Upsides
- at 5/25/23 2:52pmThe streaming giant is looking to bolster flagging subscription growth and profits, but security researchers say the move offers a perfect opportunity to encourage better password hygiene and account safety.
- — Perception Point Report Finds That Advanced Phishing Attacks Grew by 356% in 2022
- at 5/25/23 1:48pmPerception Point's 2023 Annual Report: Cybersecurity Trends & Insights' analyzes the most prevalent cyberattack trends amidst today's complex threat landscape, identifying an overall increase of 87% in the total number of attacks over the course of last year.
- — Memcyco Delivers Real-Time Brandjacking Detection and Protection Solution
- at 5/25/23 1:24pmNo more information available.
- — Bank of Ghana Opens SOC to Enable Threat Intelligence Sharing
- at 5/25/23 11:24amBank of Ghana's security operations center will boost visibility into threats and enable threat intelligence sharing, it says.
- — 'Operation Magalenha' Attacks Give a Window Into Brazil's Cybercrime Ecosystem
- at 5/25/23 8:56amA campaign against customers of Portuguese banks uses a capable financial malware strain dubbed PeepingTitle, written in the Delphi programming language.
- — 'Operation Magalenha' Attacks Gives Window Into Brazil's Cybercrime Ecosystem
- at 5/25/23 8:56amA campaign against customers of Portuguese banks uses a capable financial malware strain dubbed PeepingTitle, written in the Delphi programming language.
- — Google Cloud Bug Allows Server Takeover From CloudSQL Service
- at 5/25/23 8:18amResearchers could access sensitive data and steal secrets by exploiting a vulnerability in GCP's security layer, eventually running rampant in the environment.
- — Dangerous Regions: Isolating Branch Offices in High-Risk Countries
- at 5/25/23 8:00amOrganizations must be cautious about how they interact with other regions around the world in order to operate safely in an at-times adversarial landscape.
- — CISO Criminalization, Vague Cyber Disclosure Rules Create Angst for Security Teams
- at 5/25/23 7:00amin the wake of the ex-Uber CISO verdict, CISOs ask for clearer rules and less uncertainty in managing disclosures, amid jail-time fears.
- — 'Volt Typhoon' China-Backed APT Infiltrates US Critical Infrastructure Orgs
- at 5/24/23 4:09pmAccording to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea.
- — Honeywell Releases Cyber Insights to Better Identify Cybersecurity Threats and Vulnerabilities
- at 5/24/23 3:52pmThe new software-led solution enables organizations to defend against cybersecurity threats in their operational technology (OT) environments.
- — Israeli Shipping, Logistics Companies Targeted in Watering Hole Attacks
-
![[-]](img/ib-mark_nm.png "mark as read")
at 5/24/23 10:30amResearchers say the Iranian nation-state actor known as Tortoiseshell could be behind the attacks. - — 5 Questions to Ask When Evaluating a New Cybersecurity Technology
- at 5/24/23 8:00amAny new cybersecurity technology should be not just a neutral addition to a security stack but a benefit to the other technologies or people managing them.
As of 5/28/23 6:50pm. Last new 5/26/23 2:53pm.
- Next feed in category: Tech News World