Developers need to be cautious about whom they trust on GitHub because it's easy to establish fake credibility on the platform, security vendor warns.
| | | LATEST SECURITY NEWS & COMMENTARY | | How Attackers Could Dupe Developers into Downloading Malicious Code From GitHub Developers need to be cautious about whom they trust on GitHub because it's easy to establish fake credibility on the platform, security vendor warns. 'AIG' Threat Group Launches With Unique Business Model The rapidly growing Atlas Intelligence Group relies on cyber-mercenaries to carry out its missions. Unpatched GPS Tracker Security Bugs Threaten 1.5M Vehicles With Disruption A GPS device from MiCODUS has six security bugs that could allow attackers to monitor 1.5 million vehicles that use the tracker, or even remotely disable vehicles. Sandworm APT Trolls Researchers on Its Trail as It Targets Ukraine Researchers who helped thwart the Russian nation-state group's recent attack on Ukraine's power supply will disclose at Black Hat USA what they found while reverse-engineering the powerful Industroyer2 malware used by the powerful hacking team. Is Cryptocurrency's Crash Causing Headaches for Ransomware Gangs? Bitcoin is down more than 70% from its highs late last year, causing disruptions for cybercriminals and the underground exchanges that fuel the dark markets. Chaotic LAPSUS$ Group Goes Quiet, but Threat Likely Persists The LAPSUS$ group emerged with a big splash at the end of 2021, targeting companies, including Okta, with a "reckless and disruptive" approach to hacking. DHS Review Board Deems Log4j an 'Endemic' Cyber Threat Vulnerability will remain a "significant" threat for years to come and highlighted the need for more public and private sector support for open source software ecosystem, Cyber Safety Review Board says. How Hackers Create Fake Personas for Social Engineering And some ways to up your game for identifying fabricated online profiles of people who don't exist. Virtual CISOs Are the Best Defense Against Accelerating Cyber-Risks A poor, permanent hire can be a very expensive error, whereas a mis-hire on a virtual CISO can be rapidly corrected. 3 Golden Rules of Modern Third-Party Risk Management It's time to expand the approach of TPRM solutions so risk management is more effective in the digital world. Name That Toon: Modern-Day Fable Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. Protecting Against Kubernetes-Borne Ransomware The conventional wisdom that virtual container environments were somehow immune from malware and hackers has been upended. MORE NEWS / MORE COMMENTARY | | |
| | | | | WEBINARS | | Ransomware Resilience and Response: The Next Generation When ransomware locks up your business's critical data and essential gear, there is no time to figure out what to do. There is only time to act - without panicking. That's why a good ransomware response playbook is essential: Do ... Assessing Cyber Risk Top executives often ask, "how safe are we from a cyber breach?" But it can be difficult to quantitatively measure cyber risk, and even harder to assess your organization's attack surface. In this webinar, you'll learn how to evaluate your ... | | View More Dark Reading Webinars >> |
|
| | | | |
|
Dark Reading Weekly
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
