Latest CyberSec News by @thecyberpicker

20 npm packages with 2B weekly downloads compromised after maintainer phishing led to crypto-stealing malware.

This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 10 version 22H2.

This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 11. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 11 version 24H2.

This guidance, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and international partners, presents a shared vision of Software Bill of Materials (SBOM) and the value that increased software component and supply chain transparency can offer to the global community.

Media streaming platform Plex is warning customers to reset passwords after suffering a data breach in which a hacker was able to steal customer authentication data from one of its databases.

45 domains linked to Salt Typhoon date back to May 2020, revealing ongoing China-backed cyber espionage.

Cybercrime hubs in Southeast Asia scammed Americans out of at least $10 billion last year, a 66% increase from 2023, officials said.

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have…

This guide has been developed to help organisational personnel in understanding the threat environment and the value of implementing secure keys and secrets management to make better informed decisions.

This guidance, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and international partners, presents a shared vision of Software Bill of Materials (SBOM) and the value that increased software component and supply chain transparency can offer to the global community.

Support for Microsoft Windows and Microsoft Windows Server users following the expiration of the specified servicing timeline.

This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 10 version 22H2.

This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 11. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 11 version 24H2.

Large network scans have been  targeting Cisco ASA devices, prompting warnings from cybersecurity researchers that it could indicate an upcoming flaw in the products.

The hacker spent months performing reconnaissance activities on both Salesloft application environments as well as those for Drift, an AI chatbot company that Salesloft acquired last year.

This guidance outlines how OT owners and operators can create and maintain an asset inventory and OT taxonomy, to protect their most vital assets. It includes steps for defining scope and objectives for the inventory, identifying assets, collecting attributes, creating a taxonomy, managing data, and implementing asset life cycle management.

The company said a threat actor accessed and snooped around its account for months, then stole OAuth tokens for Drift integrations from its cloud environment.

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys.

The Cybersecurity and Infrastructure Agency is delaying finalization of CIRCIA until next year, according to a recent regulatory notice.

The disruption is the latest to hit a high-profile brand in the United Kingdom, and follows repeated delays in the British government introducing cybersecurity regulations that would require businesses to better protect themselves from attacks.

Signal has introduced a new opt-in feature that helps users create end-to-end encrypted backups of their chats, allowing them to restore messages even if their phones are damaged or lost.

Secretary of State Marco Rubio said U.S. officials sanctioned nine people and companies involved in running Shwe Kokko — a hub for scam centers in Myanmar — as well as four individuals and six entities for their roles operating forced labor compounds in Cambodia.

American furniture brand Lovesac is warning that it suffered a data breach impacting an undisclosed number of individuals, stating their personal data was exposed in a cybersecurity incident.

When I announced my latest book last week, I forgot to mention that you can pre-order a signed copy here. I will ship the books the week of 10/20, when it is published.

​Calcio, a large piracy sports streaming platform with more than 120 million visits in the past year, was shut down following a collaborative effort by the Alliance for Creativity and Entertainment (ACE) and DAZN.

As some observers predicted, Democratic commissioners are racking up lower court victories, but the highest court in the country appears skeptical.

In cybersecurity, trust often hinges on what users think their software is doing — versus what’s actually happening under the hood. Related: Eddy Willem's 'Borrowed Brains' findings Take antivirus, for example. Many users assume threat detection is based on proprietary research, unique signatures, and internal analysis. But what happens when a product’s detection engine is

GitHub compromise led to Drift data breach, impacting 22 companies and prompting Salesloft app suspension.

This week on the Lock and Code podcast, we speak with Emily Galvin-Almanza about predictive policing and whether it actually improves safety.

In what is being called the largest supply chain attack in history, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising maintainers' accounts in a phishing attack.