API Security - Security Boulevard

PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found

Richi Jennings — Fri, 29 Mar 2024 17:19:26 +0000

Emergency stop button: The Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup.

The post PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found appeared first on Security Boulevard.

Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones

Richi Jennings — Thu, 28 Mar 2024 18:46:58 +0000

Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support.

The post Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones appeared first on Security Boulevard.

Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data

Richi Jennings — Wed, 27 Mar 2024 17:14:37 +0000

Meta MITM IAAP SSL bump: Zuck ordered “Project Ghostbusters”—with criminal consequences, says class action lawsuit.

The post Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data appeared first on Security Boulevard.

Telegram Privacy Nightmare: Don’t Opt In to P2PL

Richi Jennings — Tue, 26 Mar 2024 17:29:25 +0000

Scary SMS shenanigans: Avoid Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service.

The post Telegram Privacy Nightmare: Don’t Opt In to P2PL appeared first on Security Boulevard.

Google Splashes the Cash in Bug Bounty Bonanza: $59 Million to Date

Richi Jennings — Wed, 13 Mar 2024 16:57:09 +0000

Wanna be a VRP VIP? Last year, $GOOG paid $10 million to ethical hackers for finding vulnerabilities.

The post Google Splashes the Cash in Bug Bounty Bonanza: $59 Million to Date appeared first on Security Boulevard.

Facebook/Insta FAIL — ‘Anonymous Sudan’ has a Super Tuesday: ‘We Did It.’

Richi Jennings — Wed, 06 Mar 2024 16:30:28 +0000

Shooper Choosday: Was yesterday’s Meta outage outrage caused by a Russian DDoS?

The post Facebook/Insta FAIL — ‘Anonymous Sudan’ has a Super Tuesday: ‘We Did It.’ appeared first on Security Boulevard.

Cheap Video Doorbell Cams: Tools of Stalkers and Thieves

Richi Jennings — Fri, 01 Mar 2024 16:43:56 +0000

EKEN IoT FAIL: Amazon, Sears and Shein still sell security swerving stuff.

The post Cheap Video Doorbell Cams: Tools of Stalkers and Thieves appeared first on Security Boulevard.

GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL

Richi Jennings — Thu, 29 Feb 2024 16:37:11 +0000

Forking hell: Scrotebots clone thousands of projects, injecting malware millions of times.

The post GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL appeared first on Security Boulevard.

US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My!

Richi Jennings — Tue, 27 Feb 2024 18:51:31 +0000

Pay no attention to that man: State Dept. Global Engagement Centre chief James Rubin (pictured) follows the yellow brick road.

The post US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My! appeared first on Security Boulevard.

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs

Richi Jennings — Thu, 22 Feb 2024 18:01:59 +0000

Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures.

The post PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs appeared first on Security Boulevard.