github – Page 3 – PossibleThreat Articles

MalwareBytes Security

Update now! GitLab issues critical security release for RCE vulnerability

August 25, 2022 0 Comments cve-2022-2884, Exploits and vulnerabilities, github, gitlab, import, news, rce

Categories: Exploits and vulnerabilities

Categories: News

Tags: GitLab

Tags: RCE

Tags: CVE-2022-2884

Tags: GitHub

Tags: import

GitLab has released important security fixes to patch for an RCE vulnerability, known as CVE-2022-2884.

(Read more…)

The post Update now! GitLab issues critical security release for RCE vulnerability appeared first on Malwarebytes Labs.

Security Sophos

S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]

August 11, 2022 0 Comments Cryptography, Cybercrime, data loss, github, Hacking, Law & order, malware, Microsoft, Naked Security Podcast, Podcast, Privacy, Quantum Computing

Credit to Author: Paul Ducklin| Date: Thu, 11 Aug 2022 14:34:09 +0000

Latest episode – listen now! (Or read the transcript if you prefer.)

Security Sophos

GitHub blighted by “researcher” who created thousands of malicious projects

August 3, 2022 0 Comments github, Law & order, malware, supply chain

Credit to Author: Paul Ducklin| Date: Wed, 03 Aug 2022 23:06:28 +0000

If you spew projects laced with hidden malware into an open source repository, don’t waste your time telling us “no harm done” afterwards.

Security Sophos

S3 Ep81: Passwords (still with us!), Github, Firefox at 100, and network worms [Podcast]

May 5, 2022 0 Comments Cybercrime, firefox, github, Hacking, Naked Security Podcast, Podcast

Credit to Author: Paul Ducklin| Date: Thu, 05 May 2022 14:16:18 +0000

Latest episode – listen now!

Security Sophos

GitHub issues final report on supply-chain source code intrusions

April 29, 2022 0 Comments data loss, github, Microsoft, oauth, supply chain, Zero Trust

Credit to Author: Paul Ducklin| Date: Fri, 29 Apr 2022 16:15:20 +0000

Learn how to find out which apps you’ve given access rights to, and how to revoke those rights immediately in an emergency.

MalwareBytes Security

Ukraine government and pro-Ukrainian sites hit by DDoS attacks

April 29, 2022 0 Comments brownflood, cert-ua, compromised wordpress sites, DDoS, DDos attack, distributed denial of service attack, github, security world, Wordpress

Credit to Author: Malwarebytes Labs| Date: Fri, 29 Apr 2022 08:01:46 +0000

We can’t tell which party made the first move, but both the pro-Ukraine and Russian sides have been exchanging DDoS attacks.

The post Ukraine government and pro-Ukrainian sites hit by DDoS attacks appeared first on Malwarebytes Labs.

Independent Krebs Security

Fighting Fake EDRs With ‘Credit Ratings’ for Police

April 27, 2022 0 Comments A Little Sunshine, Apple, AT&T, Coinbase, discord, emergency data request, FBI, github, Google, kodex, LinkedIn, matt donahue, meta, Microsoft, snapchat, T-Mobile, The Coming Storm, TikTok, twilio, twitter, verizon, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 27 Apr 2022 14:27:35 +0000

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests — in part by assigning trustworthiness or “credit ratings” to law enforcement authorities worldwide.

Independent Krebs Security

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

March 17, 2022 0 Comments alex holden, github, Hold Security, protestware, russia's war on ukraine, The Coming Storm

Credit to Author: BrianKrebs| Date: Thu, 17 Mar 2022 22:33:21 +0000

Researchers are tracking a number of open-source “protestware” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.

Security Sophos

Adafruit suffers GitHub data breach – don’t let this happen to you

March 7, 2022 0 Comments adafruit, data breach, data loss, ex-employee, github

Credit to Author: Paul Ducklin| Date: Mon, 07 Mar 2022 12:47:44 +0000

Training data stashed in GitHub by mistake… unfortunately, it was *real* data

MalwareBytes Security

North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign

February 2, 2022 0 Comments APT, github, lazarus, threat intelligence

Credit to Author: Threat Intelligence Team| Date: Thu, 27 Jan 2022 16:20:16 +0000

How one of North Korea’s most sophisticated APTs tries to avoid detection by using legitiate tools during its attacks.

Categories: Threat Intelligence

Tags: APT GitHub Lazarus

(Read more…)

The post North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign appeared first on Malwarebytes Labs.