The Hacker News Daily Updates

"Python Developers Beware:  Clipper Malware Found in 450+ PyPI Packages."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 14 February 2023, 1340 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGrcXsbdNqBNZVdqcDDlKFtXxPB ("The Hacker News Daily Updates").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News Daily Updates
Newsletter
cover

Benchmarking Cyber Risk and Readiness

Understanding the Prevalence and Risk of Internet Exposed Protocols on Organizations Networks

Download NowSponsored
LATEST NEWSFeb 14, 2023

Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!

Malicious actors have published more than 451 unique Python packages on the official Python Package Index (PyPI) repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a follow-up to a campaign that was initially disclosed in November 2022. The initial vector entails ...

Read More
TwitterFacebookLinkedIn

A CISOs Practical Guide to Storage and Backup Ransomware Resiliency

One thing is clear. The "business value" of data continues to grow, making it an organization's primary piece of intellectual property. From a cyber risk perspective, attacks on data are the most prominent threat to organizations.  Regulators, cyber insurance firms, and auditors are paying much closer attention to the integrity, resilience, and recoverability of organization data – as well ...

Read More
TwitterFacebookLinkedIn

Show open-source some love by joining The Big Fix

The Big Fix brings together developers & security practitioners worldwide to learn about application security and fix vulnerabilities in their favorite open-source projects. Join the Snyk event for a month of networking, winning swag, and making the internet more ...

Read More
TwitterFacebookLinkedIn

Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad

Microsoft on Monday attributed a China-based cyber espionage actor to a set of attacks targeting diplomatic entities in South America. The tech giant's Security Intelligence team is tracking the cluster under the emerging moniker DEV-0147, describing the activity as an "expansion of the group's data exfiltration operations that traditionally targeted government agencies and think tanks in ...

Read More
TwitterFacebookLinkedIn

Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second

Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over 71 million requests per second (RPS). "The majority of attacks peaked in the ballpark of 50-70 million requests per second (RPS) with the largest exceeding 71 million," the company said, calling it a "hyper-volumetric" DDoS attack. It's ...

Read More
TwitterFacebookLinkedIn

Patch Now: Apple's iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw

Apple on Monday rolled out security updates for iOS, iPadOS, macOS, and Safari to address a zero-day flaw that it said has been actively exploited in the wild. Tracked as CVE-2023-23529, the issue relates to a type confusion bug in the WebKit browser engine that could be activated when processing maliciously crafted web content, culminating in arbitrary code execution. The iPhone maker said ...

Read More
TwitterFacebookLinkedIn

Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players' Systems

An unknown threat actor created malicious game modes for the Dota 2 multiplayer online battle arena (MOBA) video game that could have been exploited to establish backdoor access to players' systems. The modes exploited a high-severity flaw in the V8 JavaScript engine tracked as CVE-2021-38003 (CVSS score: 8.8), which was exploited as a zero-day and addressed by Google in October 2021. "Since ...

Read More
TwitterFacebookLinkedIn

Honeypot-Factory: The Use of Deception in ICS/OT Environments

The recently published Security Navigator report of Orange Cyberdefense shows there has been a  rapid increase of attacks on industrial control systems (ICS) in the past few years. Looking a bit closer, most of the attacks seem to have spilt over from traditional IT. That's to be expected, as production systems are commonly connected to ordinary corporate networks at this point. Though the ...

Read More
TwitterFacebookLinkedIn
cover

Benchmarking Cyber Risk and Readiness

Understanding the Prevalence and Risk of Internet Exposed Protocols on Organizations Networks

Download NowSponsored

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundl
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more