Publicly accessible code is often full of credentials
Publicly accessible programming code is still often riddled with certain credentials that can give anyone a peek into underlying databases or (cloud) services. This is what security specialist GitGuardian recently found in a survey of 450,000 Python projects.
Developers still cannot keep their c... Read more
Risk of security incidents due to supply chain increases
The risk that companies are faced with a cyber incident due to a relationship with a supplier or "fourth party" in the supply chain is increasing. This according to SecurityScorecard and The Cyentia Institute in a joint study.
The survey found that 98 percent of companies surveyed have a relatio... Read more
State-backed North Korean hackers have a smart way of reading your Gmail
Security researchers revealed never-seen-before malware that competent North Korean hackers use to sneak, read, and access the attachments and emails from AOL and Gmail users' accounts.
A malware, dubbed SHARPEXT by security researchers from security firm Volexity, uses smart methods to download... Read more
HP MFPs facing security vulnerabilities
Over 150 HP printers were tested by F-Secure Corp and were found to have security vulnerabilities that date back to 2013.
Security concerns are a global phenomenon, especially in the age of data. From entire databases getting hacked to something as menial as a printer, security vulnerabilities a... Read more
Hackers breached Pulse Secure VPN of companies and government agencies
Suspected Chinese state-sponsored hackers exploited vulnerabilities in Pulse Secure LLC virtual private network appliances, breaching multiple U.S. government agencies.
The attacks were confirmed by FireEye, Pulse Secure itself and the U.S. Department of Homeland Security’s Cybersecurity and ... Read more
Google will inform users when their accounts are under attack
Google is on track to release alert features that users can deploy to be notified quicker if their accounts are suspected of being under attack or breached. The features were announced on Wednesday in conjunction with other privacy additions.
Google has security systems designed to look for acti... Read more
Nearly all companies report email-related breaches
Outgoing emails constitute the most widespread cause of enterprise data breaches. With the pandemic forcing people to work from home, the amount of emails sent has increased, making the threat even more pronounced.
This comes from a new report by the security firm Egress, which says that about 9... Read more
Critical Bluetooth vulnerability gives hackers full access
A new vulnerability has been found in the Bluetooth wireless standard. Hackers can exploit it to connect to devices remotely in any given area and access phone apps. The flaw has since been named Blurtooth and was described in detail by the Bluetooth SIG industry body that oversees the standard dev... Read more
The U.S. wants to ban more Chinese apps over national security
The Trump administration is looking to ban more Chinese apps that they claim are a national security threat. This, according to the White House chief of staff, Mark Meadows. He made the comments on Thursday, aboard Air Force One, according to reports.
However, he did not mention anything about t... Read more
Studies show human errors are the biggest threat to cloud security
According to two recent studies by security providers, the single greatest security threat cloud users face is caused by configuration errors. The second most common type of breach is caused by user error. The study by Verizon Corp.’s 2020 Data Breach Report, shows that misconfigurations are the ... Read more