Recent Security News
-
GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials
January 17, 2024 at 03:15AM GitHub has responded to a security vulnerability by rotating some keys, including the GitHub commit signing key, GitHub Actions, GitHub Codespaces, and Dependabot customer encryption keys. The vulnerability, CVE-2024-0200, has not been exploited in the wild, but GitHub has addressed it with patches. Another bug, CVE-2024-0507, has also been resolved…
-
Combination of cheap .cloud domains and fake Shark Tank news fuel unhealthy wellness scams
January 17, 2024 at 01:34AM Netcraft discovered that scammers are exploiting cheap domain names to promote fake health products through deceptive news campaigns, mimicking popular news outlets and falsely claiming endorsements from TV shows like Shark Tank and Dragons’ Den. The proliferation of new global top-level domain names, such as .sbs and .cloud, at low…
-
Nokia walks the walk about its RAN to play on Uncle Sam’s China fears
January 16, 2024 at 10:01PM Nokia has launched a dedicated business unit for government sales in the USA, reflecting Washington’s concerns about national infrastructure security. The move comes amid US efforts to remove Chinese-made equipment from its networks due to security worries. Nokia is tailoring its portfolio and sales team to meet federal government needs,…
-
FBI: Beware of thieves building Androxgh0st botnets using stolen creds
January 16, 2024 at 08:36PM The FBI and CISA warn that cybercriminals are leveraging old vulnerabilities to deploy Androxgh0st malware, targeting .env files containing user credentials for AWS, Microsoft Office 365, SendGrid, and Twilio. The malware can be used to steal data, execute code remotely, and create new AWS users and instances. Mitigations include updating…
-
Effective Incident Response Relies on Internal and External Partnerships
January 16, 2024 at 07:10PM Security teams increasingly collaborate with internal and external partners for incident response, recognizing the importance of coordination. 63% coordinate with internal communications, 44% know whom to contact in HR, and 39% have dedicated resources for external communications. Cross-functional collaboration is crucial due to the wide-reaching impact of security breaches. Also,…