Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens

2022-06-16 - An unpatched security issue in the Travis CI API has left tens of thousands of developers' user tokens exposed to potential attacks, effectively allowing threat actors to breach cloud infrastructures, make unauthorized code changes, and initiate supply chain attacks. "More than 770 million logs of free tier users are available, from which you can easily extract tokens, secrets, and other

Source: Tweakers.net, Ravie Lakshmanan

New Hertzbleed Side Channel Attack Affects All Modern AMD and Intel CPUs

2022-06-16 - A newly discovered security vulnerability in modern Intel and AMD processors could let remote attackers steal encryption keys via a power side channel attack. Dubbed Hertzbleed by a group of researchers from the University of Texas, the University of Illinois Urbana-Champaign, and the University of Washington, the issue is rooted in dynamic voltage and frequency scaling (DVFS), a power and

Source: Tweakers.net, Ravie Lakshmanan

Panchan: A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers

2022-06-16 - A new Golang-based peer-to-peer (P2P) botnet has been spotted actively targeting Linux servers in the education sector since its emergence in March 2022. Dubbed Panchan by Akamai Security Research, the malware "utilizes its built-in concurrency features to maximize spreadability and execute malware modules" and "harvests SSH keys to perform lateral movement." <!--adsense--> The feature-packed

Source: Tweakers.net, Ravie Lakshmanan

Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability

2022-06-16 - Microsoft finally released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch Tuesday updates. Also addressed by the tech giant are 55 other flaws, three of which are rated Critical, 51 are rated Important, and one is rated Moderate in severity. Separately, five more shortcomings were resolved in the Microsoft Edge browser. <!--adsense-->

Source: Tweakers.net, Ravie Lakshmanan

Comprehensive, Easy Cybersecurity for Lean IT Security Teams Starts with XDR

2022-06-15 - Breaches don't just happen to large enterprises. Threat actors are increasingly targeting small businesses. In fact, 43% of data breaches involved small to medium-sized businesses. But there is a glaring discrepancy. Larger businesses typically have the budget to keep their lights on if they are breached. Most small businesses (83%), however, don't have the financial resources to recover if they

Source: Tweakers.net, The Hacker News

Ett stort företag börjar från små.
Grundades 2015
let's talk about your project

Innehållet i detta e-postmeddelande är konfidentiellt och avsett endast för den mottagare som anges i meddelandet.