Recent Security News
-
Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers
November 14, 2023 at 07:33AM Threat actors are targeting publicly-accessible Docker Engine API instances to create a DDoS botnet called OracleIV. Attackers exploit the misconfiguration to install a malicious Docker container, which contains Python malware. The container also retrieves a shell script from a command-and-control (C&C) server. Cloud security firm Cado observed no evidence of…
-
PyPI Packages Found to Expose Thousands of Secrets
November 14, 2023 at 07:09AM Code security firm GitGuardian has discovered thousands of hardcoded credentials in Python code committed to PyPI packages. Over 4,000 unique secrets were found in nearly 3,000 packages, with more than 760 of them being valid. The leaked secrets included keys and credentials for popular services such as AWS, Azure AD,…
-
22 Energy Firms Hacked in Largest Coordinated Attack on Denmark’s Critical Infrastructure
November 14, 2023 at 07:09AM Hackers launched a coordinated attack on 22 energy organizations in Denmark’s critical infrastructure. The attack, which occurred in May 2023, involved compromising victim organizations within a few days. The hackers exploited vulnerabilities in Zyxel firewalls and gained complete control over the impacted systems. The attacks were observed to have been…
-
CI/CD Risks: Protecting Your Software Development Pipelines
November 14, 2023 at 06:57AM Dependabot, a tool that automates checking and updating outdated dependencies in software projects, has revolutionized software maintenance tasks. However, security firm Checkmarx has warned of malicious actors impersonating Dependabot to deceive developers into accepting unauthorized changes. This incident highlights the vulnerabilities in CI/CD pipelines, which connect external tools and platforms…
-
Novel backdoor persists even after critical Confluence vulnerability is patched
November 14, 2023 at 06:03AM A new backdoor has been discovered in organizations’ environments, exploiting a critical vulnerability in Atlassian Confluence. The backdoor allows attackers remote access to a victim’s Confluence server and other network resources. It persists even after Confluence patches are applied. The malware responsible, called Effluence, is difficult to detect. Organizations are…