AppSec - Security Boulevard https://securityboulevard.com/category/editorial-calendar/appsec/ The Home of the Security Bloggers Network Fri, 29 Mar 2024 17:19:26 +0000

PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found https://securityboulevard.com/2024/03/pypi-suspended-500-fakes-richixbw/ Fri, 29 Mar 2024 17:19:26 +0000 https://securityboulevard.com/?p=2013426 Closeup of person going “Shhh!”

Emergency stop button: The Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup.

The post PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found appeared first on Security Boulevard.

Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones https://securityboulevard.com/2024/03/mfa-bomb-apple-otp-richixbw/ Thu, 28 Mar 2024 18:46:58 +0000 https://securityboulevard.com/?p=2013312 Multiple, unskippable notifications

Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support.

The post Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones appeared first on Security Boulevard.

Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data https://securityboulevard.com/2024/03/ghostbusters-facebook-theft-snapchat-richixbw/ Wed, 27 Mar 2024 17:14:37 +0000 https://securityboulevard.com/?p=2013174 Smokey Bear / This-is-fine crossover

Meta MITM IAAP SSL bump: Zuck ordered “Project Ghostbusters”—with criminal consequences, says class action lawsuit.

The post Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data appeared first on Security Boulevard.

Telegram Privacy Nightmare: Don’t Opt In to P2PL https://securityboulevard.com/2024/03/telegram-privacy-nightmare-p2pl-richixbw/ Tue, 26 Mar 2024 17:29:25 +0000 https://securityboulevard.com/?p=2012982 Scary skeletons

Scary SMS shenanigans: Avoid Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service.

The post Telegram Privacy Nightmare: Don’t Opt In to P2PL appeared first on Security Boulevard.

China Steals Defense Secrets ‘on Industrial Scale’ https://securityboulevard.com/2024/03/china-steals-secrets-f5-connectwise-richixbw/ Mon, 25 Mar 2024 17:08:40 +0000 https://securityboulevard.com/?p=2012892 a PRC flag flies in a stiff breeze

UNC5174 ❤ UNC302: CVSS 10 and 9.8 vulnerabilities exploited by Chinese threat actor for People’s Republic.

The post China Steals Defense Secrets ‘on Industrial Scale’ appeared first on Security Boulevard.

Application Security for Dummies: The Only Way Forward https://securityboulevard.com/2024/03/application-security-for-dummies-the-only-way-forward/ Fri, 22 Mar 2024 13:00:44 +0000 https://securityboulevard.com/?p=2012079 AppSec, AI, API app Google application security AppSec

To improve application security, we must make security so stupid that anyone can do it, and that applies up and down the stack.

The post Application Security for Dummies: The Only Way Forward appeared first on Security Boulevard.

EPA and White House Raise Alarm on Water Cybersecurity https://securityboulevard.com/2024/03/water-cybersecurity-richixbw/ Wed, 20 Mar 2024 16:22:50 +0000 https://securityboulevard.com/?p=2012433 Public washroom faucets

Iran and China fingered: Biden admin. chides governors: Water infra. lacks “even basic cybersecurity precautions.”

The post EPA and White House Raise Alarm on Water Cybersecurity appeared first on Security Boulevard.

TikTok ‘Ban’ — ByteDance CEO and EFF are BFFs https://securityboulevard.com/2024/03/tiktok-ban-bytedance-eff-richixbw/ Mon, 18 Mar 2024 18:24:07 +0000 https://securityboulevard.com/?p=2012210 ByteDance CEO Shou Zi Chew

7521 momentum builds: Shou Zi Chew plays for time, while Electronic Frontier Foundation says TikTok-kill bill is DOA.

The post TikTok ‘Ban’ — ByteDance CEO and EFF are BFFs appeared first on Security Boulevard.

French Gov. Leaks 43 Million People’s Data — ‘France Travail’ Says Sorry https://securityboulevard.com/2024/03/france-travail-hack-richixbw-png/ Fri, 15 Mar 2024 17:00:43 +0000 https://securityboulevard.com/?p=2012074 President of France Travail, Alexandre Saubot

La grande cybermalveillance: French government’s employment agency loses control of citizens’ data after biggest breach in Gallic history.

The post French Gov. Leaks 43 Million People’s Data — ‘France Travail’ Says Sorry appeared first on Security Boulevard.

Google Splashes the Cash in Bug Bounty Bonanza: $59 Million to Date https://securityboulevard.com/2024/03/google-bug-bounty-vrp-richixbw/ Wed, 13 Mar 2024 16:57:09 +0000 https://securityboulevard.com/?p=2011800 Two stacks of money on top of a white table.

Wanna be a VRP VIP? Last year, $GOOG paid $10 million to ethical hackers for finding vulnerabilities.

The post Google Splashes the Cash in Bug Bounty Bonanza: $59 Million to Date appeared first on Security Boulevard.
