A week in security (January 9—15)

Categories: News

Tags: AWIS, weekly blog roundup, week in security, Slack, GitHub, Magecart, Microsoft, Pokemon NFT, Facebook, Instagram, Snapchat, TikTok, YouTube, Google, Meta, identity theft, Maternal & Family Health Services, 2023 predictions, Royal Mail, K-12 security, K-12, WhatsApp, NSO Group, Department of Interior, weak passwords, Vice Society, ransomware, Vice Society ransomware

The most interesting security-related news from the week of January 9—15.

The post A week in security (January 9—15) appeared first on Malwarebytes Labs.

Fake Proof-of-Concepts used to lure security professionals

Categories: Exploits and vulnerabilities, News

Tags: PoC, PoCs, Leiden, GitHub, VirusTotal, AbuseIPDB

Researchers from Leiden University analyzed many thousands of Proof-of-Concepts and found that 10 percent of those they found on GitHub are malicious.

The post Fake Proof-of-Concepts used to lure security professionals appeared first on Malwarebytes Labs.

Update now! GitLab issues critical security release for RCE vulnerability

Categories: Exploits and vulnerabilities, News

Tags: GitLab, RCE, CVE-2022-2884, GitHub, import

GitLab has released important security fixes to patch an RCE vulnerability, known as CVE-2022-2884.

The post Update now! GitLab issues critical security release for RCE vulnerability appeared first on Malwarebytes Labs.

Ukraine government and pro-Ukrainian sites hit by DDoS attacks

Credit to Author: Malwarebytes Labs | Date: Fri, 29 Apr 2022 08:01:46 +0000

We can’t tell which party made the first move, but both the pro-Ukraine and Russian sides have been exchanging DDoS attacks.

The post Ukraine government and pro-Ukrainian sites hit by DDoS attacks appeared first on Malwarebytes Labs.

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Credit to Author: BrianKrebs | Date: Wed, 27 Apr 2022 14:27:35 +0000

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests — in part by assigning trustworthiness or “credit ratings” to law enforcement authorities worldwide.

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

Credit to Author: BrianKrebs | Date: Thu, 17 Mar 2022 22:33:21 +0000

Researchers are tracking a number of open-source “protestware” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.
