Category Security

February 23, 2023Rabbi LakshmananSoftware security / supply chain attacks Cybersecurity researchers warn of “spoofed packages” that mimic popular libraries available in the Python Package Index (PyPI) repository. 41 malicious PyPI packages have been found disguised as typosquatted variants of legitimate…

Boyfriend the bot, Facebook Checkmark Charge, Twitter Blue, and Will Ferrell’s football fan taunt… All of this is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault. host: Graham Cluley…

Russian media blamed hackers after Russian civilian radio stations broadcast bogus warnings about air and missile attacks. The Russian government agency, the Ministry of Emergencies, has reportedly warned that broadcasters such as Gazprom’s media stations Relax FM, Comedy Radio and…

Activision has confirmed that a cybersecurity incident occurred in December 2022, but did not provide details about the alleged data breach. The Call of Duty developers released the following statement to the media: or accessed player data. ” But on…

February 22, 2023Rabbi LakshmananCyber ​​risk / patch management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. Here is the list of…

A new threat actor has been observed targeting Asian shipping companies and medical research institutes with phishing emails. Named “Hydro Kazuma” Symantec According to cybersecurity researchers, the attackers may have had an interest in industries related to COVID-19 treatments and…

February 22, 2023Rabbi LakshmananCyber ​​Espionage / Cyber ​​Attack An Asian shipping company and medical research institute have been the target of a suspected espionage operation carried out by a never-before-seen threat actor. Hydro Kazuma. The campaign, which has been ongoing…

More than four in five (84%) codebases contain at least one known open source vulnerability. Numerical values ​​are new to Synopsys Open source security and risk analysis report (Osra)citing an increase of almost 4% compared to last year. The survey…

February 22, 2023hacker newsCyber ​​risk management A Google search for “third-party data breach” reveals many recent reports of data breaches caused by third-party attacks or exposure of sensitive information stored at third-party locations. . Third-party data breaches are differentiated by…

Attackers have been observed uploading over 15,000 spam packages to the npm open source JavaScript repository from multiple user accounts within hours. This claim was posted by Javascript developer Jesse Mitchell. on Twitter on tuesday. “I’ve noticed a spam attack…