Jan 20, 2023 | Podcast
Proof-of-concept exploits for critical vulnerabilities in three popular WordPress plugins have been made publicly available. The plugins are ‘Paid Memberships Pro’, ‘Easy Digital Downloads’ and ‘Survey Marker’. These plugins are...
Jan 19, 2023 | Podcast
CircleCI has released a new security incident report providing more information on the attack they suffered earlier this month. They first learned about the attack from a customer reporting that their GitHub token had been compromised. Internal investigations...
Jan 18, 2023 | Podcast
Malicious Python packages designed to steal information from developers’ systems have recently been discovered by Fortinet. The packages were uploaded to the Python Package Index between January 7 and 12 this year by an author named lolipop. The names of the...
Jan 18, 2023 | Podcast
If you’re a developer then you need to make sure you have upgraded to the latest version of Git. Git just patched two critical severity security vulnerabilities that could allow attackers to perform remote code execution. The security vulnerabilities were...
Jan 17, 2023 | Podcast
Johannes Ullrich released a public service announcement today on why you must run an adblocker when using the internet. He claims that ad networks are not doing enough due diligence on the ads that they run on their networks. He provided examples of Google search...
Jan 16, 2023 | Podcast
NortonLifeLock sent data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. The company observed unusually high volumes of failed login attempts in December with...
Jan 13, 2023 | Podcast
The ransomware attack against Queensland’s second-largest university in late December has had a financial impact on some university students. The attack saw the Queensland University of Technology shutting down several computer systems. Because of the attack,...
Jan 12, 2023 | Podcast
Henrik from Endor Labs recently created a small prototype Go application for detecting malicious packages early. The article shares what his application found, his view on the evolution of malicious packages and what we should be doing to protect ourselves from them....
Jan 11, 2023 | Podcast
Smart cars are great. They allow you to remotely lock and unlock your car, start or stop the engine, provide the car’s GPS location, flash the headlights and honk the horn from any location. It could be using the manufacturer’s provided mobile app or via...
Jan 10, 2023 | Podcast
An Australian cybersecurity firm has recently uncovered a database of 14 million usernames and passwords. A portion of them, over 100,000 records, belong to multiple government entities in Australia, that is, domains ending with .gov.au. This is currently being...