GitHub – Page 4 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Thu, 17 Mar 2022 22:33:21 +0000

Researchers are tracking a number of open-source “protestware” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.

MalwareBytes Security

February 2, 2022 admin

North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign

Credit to Author: Threat Intelligence Team| Date: Thu, 27 Jan 2022 16:20:16 +0000

How one of North Korea’s most sophisticated APTs tries to avoid detection by using legitiate tools during its attacks.

Categories: Threat Intelligence

Tags: APT GitHub Lazarus

Independent Krebs

November 11, 2019 admin

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

Credit to Author: BrianKrebs| Date: Mon, 11 Nov 2019 17:33:27 +0000

Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was inadvertent, and that many of the credentials were already expired.

MalwareBytes Security

October 14, 2019 admin

A week in security (October 7 – 13)

Credit to Author: Malwarebytes Labs| Date: Mon, 14 Oct 2019 15:30:38 +0000

A look at the cybersecurity news from October 7 – 13, including updates on war shipping, managed service providers, and stalkerware.

Categories:

A week in security

Tags: amazon body cams bots chrome cybersecurity facial recognition GitHub Google ice insurance insurance cybersecurity managed service providers multi-factor authentication national cybersecurity awareness month National domestic violence awareness month NCSAM police body cams security stalkerware twitter US Immigration and Customs Enforcement war shipping

(Read more…)

The post A week in security (October 7 – 13) appeared first on Malwarebytes Labs.

Independent Krebs

July 30, 2019 admin

Capital One Data Theft Impacts 106M People

Credit to Author: BrianKrebs| Date: Tue, 30 Jul 2019 13:59:54 +0000

Federal prosecutors this week charged a Seattle woman with stealing data from more than 100 million credit applications made with Capital One Financial Corp. Incredibly, much of this breached played out publicly over several months on social media and other open online platforms. What follows is a closer look at the accused, and what this incident may mean for consumers and businesses.

MalwareBytes Security

April 26, 2019 admin

GitHub hosted Magecart skimmer used against hundreds of e-commerce sites

Credit to Author: Jérôme Segura| Date: Fri, 26 Apr 2019 16:06:12 +0000

Magecart threat actors upload their skimming code onto GitHub in the latest attack against Magento websites.

Categories:

Cybercrime

Tags: GitHub Magecart magento skimmer

Kaspersky Security

March 28, 2019 admin

GitHub key leaks and how to prevent them

Credit to Author: Sergey Golubev| Date: Thu, 28 Mar 2019 22:16:38 +0000

Hundreds of thousands of tokens and cryptographic keys have been discovered on GitHub. We explain why this is bad and how to avoid a leak.

Independent Krebs

July 23, 2018 admin

Google: Security Keys Neutralized Employee Phishing

Credit to Author: BrianKrebs| Date: Mon, 23 Jul 2018 11:34:38 +0000

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity.