Mar 14, 2023 | Podcast
GitHub has begun a gradual roll out of requiring active developers to enable two-factor authentication on their accounts. This is part of the company’s move towards securing the supply chain by moving away from basic password-based authentication. In addition to...
Mar 13, 2023 | Podcast
Researchers at Palo Alto Networks have spotted a brute force botnet malware that are targeting web servers running phpMyAdmin, MySQL, FTP and Postgres services. The Golang based botnet will attempt to brute force accounts with weak or default passwords. Once it has...
Mar 10, 2023 | Podcast
The Sydney Morning Herald has reported that the chief executive of Optus has maintained that the cyberattack on her organisation in September last year was perpetrated by a skilled cybercriminal. She said that the attacker had knowledge of Optus’ systems and cycled...
Mar 9, 2023 | Podcast
Endor Labs, in collaboration with 20 CISOs and technology veterans have identified the top 10 open source risks of 2023. They are: 1. Known vulnerabilities. – Where developers accidentally introduce a component that contains vulnerable code 2. Compromise of...
Mar 8, 2023 | Podcast
Google has released its March 2023 security updates for Android. The update addresses 60 flaws including two critical-severity remote code execution vulnerabilities. The two flaws are tracked as CVE-2023-20951 and CVE-2023-20954. Google is currently withholding...
Mar 7, 2023 | Podcast
Over 450 malicious python packages were discovered to use typo squatting to steal crypto. The threat actor is using between 13 and 38 typosquatting versions for popular packages to cover a broad range of mistakes that would result in downloading the malicious package....
