Collaborate Disseminate
Last week, the NSA published an advisory urging Microsoft Windows administrators and users to update their older Windows systems to protect against the BlueKeep vulnerability. This vulnerability was first noted by UK National Cyber Security Centre and … Continue reading NSA warns users of BlueKeep vulnerability; urges them to update their Windows systems
Yesterday, Python’s core development team announced that PyPI now offers two-factor authentication to increase the security of Python package downloads and thus reduce the risk of unauthorized account access. The team announced that the 2FA will … Continue reading PyPI announces 2FA for securing Python package downloads
Salesforce informed its customers that it was facing a major issue with its service, early Friday morning, and mentioned that it was working towards resolving the issue soon. The popular cloud-based software company experienced an outage due to its fau… Continue reading Salesforce suffers major outage providing data access irrespective of the permission settings
Earlier this month, Cisco announced a critical vulnerability in its Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software. This vulnerability allows an unauthenticated, remote attacker to connect to the affected system with th… Continue reading Cisco reports critical vulnerabilities in Nexus 9000 data center switches, PI software, and EPN manager
Today, Google announced a security bug in its Bluetooth Low Energy (BLE) Titan Security Keys. This issue is due to a misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols, which is currently affecting the BLE versions in the U…. Continue reading Google to provide a free replacement key for its compromised Bluetooth Low Energy (BLE) Titan Security Keys
Yesterday, Intel and a group of microarchitecture security researchers disclosed four new hackable vulnerabilities in Intel’s chips. These vulnerabilities expose extremely sensitive data and processes from a victim’s CPU to the attacker. In… Continue reading Intel discloses four new vulnerabilities labeled MDS attacks affecting Intel chips
On Tuesday, Binance Exchange, one of the popular cryptocurrency exchanges, reported a huge security breach where hackers stole around 7,000 bitcoins worth $41 millions, in a single transaction. The hackers were able to gain a bulk of user API keys, 2FA… Continue reading Hackers steal bitcoins worth $41M from Binance exchange in a single go!
In a report released yesterday by Symantec, the popular cybersecurity software and services company, it revealed that Chinese intelligent agents acquired the National Security Agency’s hacking tools, which they repurposed in 2016 and used them to… Continue reading Symantec says NSA’s Equation group tools were hacked by Buckeye in 2016 way before they were leaked by Shadow Brokers in 2017
Last week, Git repositories were hit by a suspicious activity where attackers targeted GitHub, GitLab, and Bitbucket users, wiping code and commits from multiple repositories. The surprising fact is that attackers used valid credentials, i.e. a passwor… Continue reading Attackers wiped many GitHub, GitLab, and Bitbucket repos with ‘compromised’ valid credentials leaving behind a ransom note
On Friday, DockerHub informed its users of a security breach in its database, via email written by Kent Lamb, Director of Docker Support. The breach exposed sensitive information including some usernames and hashed passwords, as well as tokens for GitH… Continue reading DockerHub database breach exposes 190K customer data including tokens for GitHub and Bitbucket repositories