Security Bundle

"CISA and Open SSF release framework for Package Repository Security."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 12 February 2024, 1323 UTC.

Content and Source:  https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895 ("Security Bundle").

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

16

MOST POPULAR

CISA and OpenSSF Release Framework for Package Repository Security
OpenSSF and CISA release package repository
39The Hacker News 1h
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it's partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to publish a new framework to secure package repositories. Called the Principles for Package Repository Security, the framework aims to establish a set of foundational rules for package
ExpressVPN leaked DNS requests due to a bug in the split tunneling feature
ExpressVPN split tunneling bug leaked DNS requests
30Security Affairs 2h
A bug in the split tunneling feature implemented in ExpressVPN exposed the domains visited by the users. ExpressVPN addressed a bug in the split tunneling feature that exposed the domains visited by the users to configured DNS servers. The company opted to temporarily remove the feature in the Windows app to address the issue. The bug will be enabled in a future release when the company will fix
Bugcrowd Raises $102 Million
Bugcrowd raises $102 million
SecurityWeek 1h
Bugcrowd has raised $102 million in strategic growth funding, which it will use to accelerate growth and improve its platform. The post appeared first on SecurityWeek .

TODAY

4 Ways Hackers use Social Engineering to Bypass MFA
2 TTPs
38The Hacker News 1h
When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential layer of protection against breaches. However, it's important to remember that MFA isn't foolproof. It can be bypassed, and it often is. If a password is compromised, there are several options
Why Are Compromised Identities the Nightmare to IR Speed and Efficiency?
24The Hacker News 2h
Incident response (IR) is a race against time. You engage your internal or external team because there's enough evidence that something bad is happening, but you’re still blind to the scope, the impact, and the root cause. The common set of IR tools and practices provides IR teams with the ability to discover malicious files and outbound network connections. However, the identity aspect - namely

YESTERDAY

9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data
Security Affairs 4h
Exploring the Risks: Unveiling 9 Potential Techniques Hackers Employ to Exploit Public Wi-Fi and Compromise Your Sensitive Data We’ve all used public Wi-Fi: it’s convenient, saves our data, and speeds up browsing. But while we enjoy its benefits, hackers do too. Here, we’ll explore how cybercriminals exploit public Wi-Fi to access your private data and possibly steal your identity. Plus, we’ll di
US Feds arrested two men involved in the Warzone RAT operation
IoC > 1 domain
Security Affairs 4h
DOJ shuts down 'Warzone' malware vendor
The U.S. Justice Department (DoJ) seized the infrastructure that was used to sell the remote access trojan (RAT) Warzone RAT. The Justice Department announced the seizure of internet domains used to sell the remote access Trojan Warzone RAT (www.warzone[.]ws). The seizure is the result of an international law enforcement operation, federal authorities in Atlanta and Boston charged individuals in
Microsoft Introduces Linux-Like 'sudo' Command to Windows 11
100+The Hacker News 6h
Microsoft said it's introducing Sudo for Windows 11 as part of an early preview version to help users execute commands with administrator privileges. "Sudo for Windows is a new way for users to run elevated commands directly from an unelevated console session," Microsoft Product Manager Jordi Adoumie said. "It is an ergonomic and familiar solution for users who want to elevate a command
U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders
2 TTPs
37The Hacker News 8h
US offers $10M reward for Hive ransomware leaders
The U.S. Department of State has announced monetary rewards of up to $10 million for information about individuals holding key positions within the Hive ransomware operation. It is also giving away an additional $5 million for specifics that could lead to the arrest and/or conviction of any person "conspiring to participate in or attempting to participate in Hive ransomware activity."

END OF FEED

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

SecurityWeek Briefing.

Image
"Microsoft offers up to $15,000 in New AI Bug Bounty Program." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 13 October 2023, 2020 UTC.  Content provided by email subscription to "SecurityWeek Briefing." Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGtxdZHmrfcBkMDJSSNTtHlmhQX ("SecurityWeek Briefing"). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). SecurityWeek News Briefing | Friday, October 13, 2023 CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware Juniper Networks Patches Over 30 Vulnerabilities in Junos OS In Other News : Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty Dozens of Squid Proxy Vulnerabilities Remain Unpatched 2 Years After Disclosure Microsoft Offers Up to $15,000 in New AI Bug Bounty Program Researcher Co
Read more

Cyber War Newswire

Image
"Fears Russian 'space weapon' could be used for cyberwarfare and sabotage." Views expressed in this cybersecurity and cyberespionage update are those of the reporters and correspondents.  Accessed on 23 May 2024, 2016 UTC. Content and Source:  https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig/Cyber War News-EIN Presswire. Please scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). CYBER WAR NEWS MONITORING Get by    Email    •     RSS Published on  May 22, 2024 Fears Russian 'space weapon' could be used for cyberwarfare and sabotage The US has accused Russia of launching an anti-satellite weapon into space and placing it in the same orbit as an American probe, leading to fears of possible sabotage and cyber warfare. Pentagon spokesman Brigadier General Pat
Read more

SecurityWeek Briefing.

Image
"Health Care Solutions giant disrupted by Cyberattack." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 19 October 2023, 2033 UTC.  Content provided by email subscription to "SecurityWeek Briefing." Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGwHLhdlHbpbQJXqhLLSvQbhdnC ("SecurityWeek Briefing"). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). SecurityWeek News Briefing | Thursday, October 19, 2023 Healthcare Solutions Giant Disrupted by Cyberattack Thousands of Remote IT Workers Sent Wages to North Korea to Help Fund Weapons Program CipherStash Raises $3 Million for Encryption-in-Use Technology US Government Releases Anti-Phishing Guidance Google Play Protect Gets Real-Time Code Scanning Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,00
Read more