Dropbox Breach: Hackers Unauthorizedly Accessed 130 GitHub Source Code Repositories
File hosting service Dropbox on Tuesday disclosed that it was the victim of a phishing campaign that allowed unidentified threat actors to gain unauthorized access to 130 of its source code...
OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities
The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution.
The issues, tracked...
Researchers Disclose Details of Critical 'CosMiss' RCE Flaw Affecting Azure Cosmos DB
Microsoft on Tuesday said it addressed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB that enabled full read and write access.
The tech giant said the problem was introduced on August...
Chinese Hackers Using New Stealthy Infection Chain to Deploy LODEINFO Malware
The Chinese state-sponsored threat actor known as Stone Panda has been observed employing a new stealthy infection chain in its attacks aimed at Japanese entities.
Targets include media, diplomatic, governmental and public...
Last Years Open Source - Tomorrow's Vulnerabilities
Linus Torvalds, the creator of Linux and Git, has his own law in software development, and it goes like this: "given enough eyeballs, all bugs are shallow." This phrase puts the...
Critical RCE Vulnerability Reported in ConnectWise Server Backup Solution
IT service management software platform ConnectWise has released Software patches for a critical security vulnerability in Recover and R1Soft Server Backup Manager (SBM).
The issue, characterized as a "neutralization of Special Elements in Output...
The spy who rented to me? Throwing the spotlight on hidden cameras in Airbnbs
Do you find reports of spy cams found in vacation rentals unsettling? Try these tips for spotting hidden cameras and put your worries to rest. The post The spy who rented to me? Throwing the spotlight on hidden cameras in Airbnbs appeared first on WeLiveSecurity
Episode 245: How AI is remaking knowledge-based authentication
Six decades in, password use has tipped into the absurd, while two-factor authentication is showing its limits. We talk with Matt Salisbury of Honeybadger HQ, which is using AI and machine...