This Week in Security: Target Coinbase, Leaking Call Records, and Microsoft Hotpatching

We know a bit more about the GitHub Actions supply chain attack from last month. Palo Alto’s Unit 42 has been leading the charge on untangling this attack, and they’ve …read more Continue reading This Week in Security: Target Coinbase, Leaking Call Records, and Microsoft Hotpatching

SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack

The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the “tj-actions/changed-files” GitHub Action has been traced further back to the theft of a personal access token (PAT) related to… Continue reading SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack

Posted in Uncategorized

US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations

US and allied countries warn of threat actors using the “fast flux” technique to change DNS records and hide malicious servers’ locations.
The post US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations appeared first o… Continue reading US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations