New Python tool checks NPM packages for manifest confusion issues
A security researcher and system administrator has developed a tool that can help users check for manifest mismatches in packages from the NPM JavaScript software…
Month: July 2023
Innovation or Threat? – Cyber Defense Magazine
ChatGPT increases the risk of cyberattacks. By Markus Cserna, CTO, cyan Digital Security The whole world looks with amazement and appreciation at the achievements of…
Protecting Sensitive Information Within Translation
Strategies for Preventing Data Breaches in the Translation Industry By Ofer Tirosh, CEO, Tomedes When it comes to translation, it’s not unusual to come across…
Mexico-Based Hacker Targets Global Banks with Android Malware
Jul 04, 2023Ravie LakshmananCyber Crime / Mobile Security An e-crime actor of Mexican provenance has been linked to an Android mobile malware campaign targeting financial…
Why a service mesh may not be for everyone
A service mesh is a layer of IT infrastructure that controls service-to-service communication over a network to enable separate parts of an application to communicate…
Open-source OWASP tools to aid in penetration testing coverage
These tools leverage the advantage that white hat penetration testers have over external attackers: they have access to server binaries/bytecode and the server-side source code.…
Townsquare Media Data Breach: ALPHV Ransomware Claims Hit
Townsquare Media, a renowned American radio network and media company, has fallen victim to a cyber attack claimed by the ALPHV ransomware group. The hacker…
Hackers stole millions of dollars worth of crypto assets from Poly Network platformSecurity Affairs
Poly Network platform suspended its services during the weekend due to a cyber attack that resulted in the theft of millions of dollars in crypto…
Why Schools are Low-Hanging Fruit for Cybercriminals
Hackers are increasingly targeting schools as technology is being integrated more deeply into teaching. Educational institutions own many sensitive data, such as personnel and financial…
A static analysis tool to find web endpoints
Existing tools were either dead, regex-based, or didn’t support the analysis capabilities he wanted, so he built and open sourced endpointfinder, which parses JavaScript code…
330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw
Jul 04, 2023Ravie LakshmananNetwork Security / Exploit No less than 330000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting…
New Clipper Malware Variant Replaces Victim’s Wallet Address
New Clipper malware variants have emerged, specifically designed to target individuals engaged in cryptocurrency transactions. During these transactions, it was noted that these variants were…