-
Jan 17, 2023
A threat actor known as Lolip0p has uploaded three rogue packages to the Python Package Index (PyPI) repository, which are designed to drop malware on compromised developer systems. According to a report by Fortinet the packages, named colorslib, httpslib and… read more »
-
Jan 16, 2023
Incident response is a critical component of any organization’s cybersecurity strategy. With the increasing use of cloud-based services, it’s essential to have the right tools in place to quickly and effectively respond to security incidents. In this post, I propose… read more »
-
Jan 15, 2023
After the LastPass databreach, doubts have been raised in the cybersecurity community about the actual security of password managers. Personally, I have always held a fairly unpopular opinion: password managers built into browsers are more secure than stand-alone. In this… read more »
-
Jan 11, 2023
A new advanced threat actor known as Dark Pink, also referred to as Saaiwc Group, has been found to be targeting government agencies and military bodies in multiple countries in the APAC region using custom malware to steal confidential information.… read more »
-
Jan 9, 2023
The Kinsing malware is targeting Kubernetes clusters by exploiting known vulnerabilities in container images and misconfigured PostgreSQL containers. The malware has a history of targeting containerized environments for crypto mining, and the threat actors behind it have been known to… read more »
-
Jan 6, 2023
These days I am finishing the first draft of a new book of the “Little Handbooks” series, dedicated to Malware Analysis. One of the first chapters is a brief history of computer viruses. Comments and feedback are welcome! Malware is… read more »
-
Jan 2, 2023
Introduction Agile methodologies have become increasingly popular in recent years as a way to accelerate the development of software and other projects. Unlike traditional Waterfall methodologies, which follow a linear and sequential process, agile approaches emphasize flexibility, collaboration, and rapid… read more »
-
Dec 31, 2022
The Swiss cheese model is a risk management concept that can be applied to cybersecurity to help organizations understand and mitigate the risks they face. The model suggests that there are multiple layers of defense, or “slices of cheese,” in… read more »