North Korea makes finding a gig even harder by attacking candidates and employers

November 22, 2023 at 08:37PM Palo Alto Networks’ Unit 42 has identified two hacking schemes linked to state-sponsored actors in North Korea. The first scheme, called Contagious Interview, involves threat actors posing as job recruiters on job boards and tricking software engineers into downloading malware. The second scheme, Wagemole, sees threat actors pretending to be …

First Wave of Vulnerability-Fixing AIs Available for Developers

November 10, 2023 at 07:59AM GitHub has introduced a new code scanning autofix feature as part of its Advanced Security program. The feature uses CodeQL, GitHub’s static-analysis scanner, to identify critical vulnerabilities in code and suggest fixes. This AI-powered tool aims to reduce developers’ time spent on fixing issues and improve the efficiency of vulnerability …

GitHub Enhances Security Capabilities With AI

November 8, 2023 at 12:15PM GitHub has announced the public preview of three new AI-powered features in GitHub Advanced Security. These features include AI-generated fixes for code alerts, identification of leaked passwords, and improved security overview dashboards. Additionally, GitHub released its Octoverse report, revealing a significant increase in developers building open source generative AI projects. …

IAM Credentials in Public GitHub Repositories Harvested in Minutes

October 31, 2023 at 11:51AM Cybersecurity firm Palo Alto Networks warns that a threat actor, known as EleKtra-Leak, has been harvesting identity and access management (IAM) credentials from public GitHub repositories within five minutes of exposure. The threat actor has been using the credentials for cryptojacking campaigns that have been ongoing for at least two …

EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub

October 30, 2023 at 07:24AM The EleKtra-Leak campaign is targeting exposed Amazon Web Services (AWS) identity and access management (IAM) credentials on public GitHub repositories for cryptojacking. The campaign has been active since December 2020 and has employed automated targeting of IAM credentials within four minutes of exposure. The attacker has also been linked to …

Calls for Visual Studio security tweak fall on deaf ears despite one-click RCE exploit

October 13, 2023 at 11:38AM A single-click exploit has raised concerns about the security of Microsoft’s Visual Studio IDE once again. Developed by security researcher Zhiniang Peng, the exploit takes advantage of the default implementation of the IDE’s “trusted locations” feature. Peng argues that enabling this feature by default would protect users from potential attacks, …

Pan-African Financial Apps Leak Encryption, Authentication Keys

October 12, 2023 at 06:26AM Researchers at Approov have discovered that encryption, authentication, and signing keys are frequently exposed in mobile fintech apps used in Africa. The study found that when the top 10 revenue and download-generating apps were reverse-engineered, passwords, API keys, and private keys for cryptography were exposed. The researchers also identified that …

Microsoft: Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear

October 11, 2023 at 03:40PM China-sponsored APT Storm-0062 is responsible for exploiting a critical bug in Atlassian Confluence Server, according to Microsoft. Proof-of-concept exploits are now available, indicating potential mass exploitation. The vulnerability (CVE-2023-22515) allows remote code execution without authentication. Microsoft identified four IP addresses associated with the exploit and warned of the creation of …

Protect AI Releases 3 AI/ML Security Tools as Open Source

October 11, 2023 at 08:42AM Protect AI, the maker of Huntr, a bug bounty program for open source software, has licensed three of its AI/ML security tools under the permissive Apache 2.0 terms. The first tool, NB Defense, helps protect machine learning projects in Jupyter Notebooks. The second tool, ModelScan, scans ML models for attacks …

One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems

October 10, 2023 at 09:54AM GitHub’s Security Lab warns Linux users about a remote code execution vulnerability in the Libcue library used by GNOME. The flaw, tracked as CVE-2023-43641, can be exploited by getting the user to click on a malicious link, causing the attacker’s code to be executed. The PoC exploit will be released …