Microsoft: Exchange ‘Extended Protection’ needed to fully patch new bugs
Microsoft says that some of the Exchange Server flaws addressed as part of the August 2022 Patch Tuesday also require…
North Korean hackers target crypto experts with fake Coinbase job offers
A new social engineering campaign by the notorious North Korean Lazarus hacking group has been discovered, with the hackers impersonating Coinbase…
DuckDuckGo browser now blocks all Microsoft trackers, most of the time
DuckDuckGo announced today that they will now be blocking all third-party Microsoft tracking scripts in their privacy browser after failing…
35,000 code repos not hacked—but clones flood GitHub to serve malware
Thousands of GitHub repositories were forked (cloned) and altered to include malware, a software engineer discovered. [...]
Thousands of Mobile Apps Leaking Twitter API Keys
New finding comes amid report of overall surge in threats targeting mobile and IoT devices over the past year.
No SOCKS, No Shoes, No Malware Proxy Services!
With the recent demise of several popular "proxy" services that let cybercriminals route their malicious traffic through hacked PCs, there…
ICYMI: Dark Web Happenings Edition With Evil Corp., MSP Targeting & More
Dark Reading's digest of other "don't-miss" stories of the week — including a Microsoft alert connecting disparate cybercrime activity together,…
How Attackers Could Dupe Developers into Downloading Malicious Code From GitHub
Developers need to be cautious about whom they trust on GitHub because it's easy to establish fake credibility on the…
Scribe Security Releases Code Integrity Validator Alongside Github Security Open Source Project
Developers can now rest assured that the code they are using, as well as their GitHub accounts, are safe.
3 Golden Rules of Modern Third-Party Risk Management
It's time to expand the approach of TPRM solutions so risk management is more effective in the digital world.