Apple released an update for its Xcode integrated development environment this week to address a couple of serious vulnerabilities in the Git version control system.
272 Million Email Credentials Discovered in Cybercrime Forum
Researchers discovered 'a young Russian hacker' bragging in an online forum that he had acquired and was ready to give away 1.17 billion stolen credential records. Even after deduping, it still amounts to 272.3 million stolen accounts.
Core Infrastructure Initiative Gives Out Best Practices Badges
The Linux Foundation’s Core Infrastructure Initiative (CII) announced this week the names of the projects that received badges as part of its best practices program so far.
Stored XSS Flaw Patched in bbPress WordPress Plugin
A vulnerability in the popular WordPress plugin bbPress can be exploited to insert malicious JavaScript code into forum posts, web security company Sucuri has warned.
Incident Response: What is the Point of Analysis Anyway?
What is the point of analysis anyway? Perhaps this sounds like a bit of a shocking or radical question, but I’d argue that it is one that sorely needs to be asked — and answered. What do I mean by that? Allow me to elaborate.
Lost Door RAT Promoted via Facebook and Google’s Blogspot
Trend Micro said that it recently analyzed a cyber attack that used a remote access Trojan (RAT) known as Lost Door. While Lost Door is not new malware, it is easily customizable and consequently "can be hard to detect and protect against, posing a challenge to IT administrators."
Iran-linked Hackers Used “Infy” Malware in Attacks Since 2007
Researchers at Palo Alto Networks have come across a new malware family that appears to have been used by an Iran-based threat actor in targeted espionage operations since 2007.
Qatar National Bank Hackers Threaten Data Leak From Second Bank
"Bozkurtlar" Hackers Behind Qatar National Bank Breach Could Leak Data From Second Bank
Podcast: Why Are Hospitals Such a Prime Ransomware Target?
Mike Hanley, Director of Duo Labs at Duo Security, joins Ryan Naraine on the podcast to talk about the state of security in the healthcare sector and why hospitals are such a prime target for ransomware attacks.
Non-Security OpenSSL Bugs Lead to Serious Vulnerability
The OpenSSL Project released on Tuesday versions 1.0.2h and 1.0.1t to patch several vulnerabilities that can be exploited for denial-of-service (DoS) attacks, arbitrary code execution and traffic decryption.


