GitHub’s Dark Secret: Deleted Data Never Really Dies
https://trufflesecurity.com/blog/anyone-can-access-deleted-and-private-repo-data-github A new security vulnerability has been uncovered on GitHub that allows access to data from deleted repositories and forks. This means that sensitive information, such as API keys,...France Battles Cyberespionage Ahead of Olympics
https://www.linkedin.com/posts/parquet-de-paris_communiqu%C3%A9-de-presse-plugx-activity-7222119504518987778-LRCi French authorities have launched a massive operation to combat a cyberespionage campaign targeting thousands of computers within the country. The...Mysterious Rings and QR Codes: The Emergence of Brushing Scams
https://www.sbs.com.au/news/article/a-ring-a-mysterious-box-and-a-qr-code-the-scam-laura-never-saw-coming/pn83e0uux A complex new cyber scam has surfaced, involving the delivery of unsolicited diamond rings and suspicious QR codes to unsuspecting victims. The scam,...SBOMs: A Crucial Tool Hampered by Standardization Issues
https://www.darkreading.com/vulnerabilities-threats/wanted-sbom-standard-to-rule-them-all Software Bills of Materials (SBOMs) have become essential for securing software supply chains in the wake of high-profile cyberattacks. Mandated by government agencies and...
CrowdStrike Incident – Lessons Learned In DevSecOps and BCP
The recent CrowdStrike update that led to a global IT outage and the infamous Blue Screen of Death (BSOD) on millions of Windows machines. This incident has brought to light critical lessons in DevSecOps and the importance of Business Continuity Planning (BCP)....North Korean Hacker Poses as IT Worker in Attempted Cyberattack
https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us A security firm, KnowBe4, has foiled an attempt by a North Korean hacker to infiltrate its systems by posing as a legitimate software engineer. The company successfully identified and...Google U-Turns on Third-Party Cookie Phaseout
https://privacysandbox.com/news/privacy-sandbox-update In a major policy reversal, Google has abandoned its plans to phase out third-party tracking cookies in its Chrome web browser. The tech giant, which has faced intense scrutiny and regulatory pressure over its...20 Million Domains at Risk from New Email Spoofing Attacks
https://www.darkreading.com/threat-intelligence/20-million-trusted-domains-vulnerable-to-email-hosting-exploits Cybersecurity researchers have uncovered a critical vulnerability affecting over 20 million trusted domains, including those belonging to Fortune 500...