10 Mar Linux Foundation unveils Sigstore — a Let’s Encrypt for code signingThe Linux Foundation, Red Hat, Google, and Purdue have unveiled the free ‘sigstore’ service that lets developers code-sign and verify open source software to prevent supply-chain attacks. […]
10 Mar Europol ‘unlocks’ encrypted Sky ECC chat service to make arrestsEuropean law enforcement authorities have made a large number of arrests after a joint operation involving the monitoring of organized crime communication channels over the Sky ECC encrypted chat. […]
10 Mar F5 urges customers to patch critical BIG-IP pre-auth RCE bugF5 Networks, a leading provider of enterprise networking gear, has announced four critical remote code execution (RCE) vulnerabilities affecting most versions of BIG-IP and BIG-IQ software. […]
10 Mar Norway parliament data stolen in Microsoft Exchange attackNorway’s parliament, the Storting, has suffered another cyberattack after threat actors stole data using the recently disclosed Microsoft Exchange vulnerabilities. […]
10 Mar More hacking groups join Microsoft Exchange attack frenzyMore state-sponsored hacking groups have joined the ongoing attacks targeting tens of thousands of on-premises Exchange servers impacted by severe vulnerabilities tracked as ProxyLogon. […]
10 Mar Ryuk ransomware hits 700 Spanish government labor agency officesThe systems of SEPE, the Spanish government agency for labor, were taken down following a ransomware attack that hit more than 700 agency offices across Spain. […]
09 Mar Adobe fixes critical Creative Cloud, Adobe Connect vulnerabilitiesAdobe has released security updates that fix vulnerabilities in Adobe Creative Cloud Desktop, Framemaker, and Connect. […]
09 Mar z0Miner botnet hunts for unpatched ElasticSearch, Jenkins serversA cryptomining botnet spotted last year is now targeting and attempting to take control of Jenkins and ElasticSearch servers to mine for Monero (XMR) cryptocurrency. […]
09 Mar GandCrab ransomware affiliate arrested for phishing attacksA suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims. […]
09 Mar Security bug hunters focus on misconfigured services, earn big rewardsAn overview of the hacking activity on the HackerOne vulnerability coordination and bug bounty platform shows that misconfiguration of cloud resources is quickly becoming a hot target for ethical hackers. […]