MOVEit software exploit walks before it runs
Cl0p quietly tested the flaw for two years before launching the full exploit. Lesson: Look both ways before crossing.
Read More about MOVEit software exploit walks before it runsRichi Jennings
Richi Jennings is a former developer and marketer. He’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, DevOps.com, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
Posts from Richi Jennings
MOVEit software exploit walks before it runs
PyPI hackers code sneaky new tactic. Researchers caught 'em red handed
Compiled-code behavior analysis beats old-skool app sec tools.
Read More about PyPI hackers code sneaky new tactic. Researchers caught 'em red handed
‘Extinction risk’: Could code-writing AI wipe out humans via software backdoors?
Experts warn ChatGPT-based coding could do to us what an asteroid did to the dinosaurs. Hype — or heads-up to reckon with?
Read More about ‘Extinction risk’: Could code-writing AI wipe out humans via software backdoors?
PyPI paused as automated attack overwhelms admins
The Python repo was flooded with malicious typo-squatting packages. Weekend warriors quit defense and hit pause.
Read More about PyPI paused as automated attack overwhelms admins
Lessons from MSI's UEFI key breach: How safe are the secrets in your software?
Stolen keys allow bootkits to avoid Intel’s “Guard” features. And there’s no way to revoke them.
Read More about Lessons from MSI's UEFI key breach: How safe are the secrets in your software?
Red teamers take on AI at DEF CON 31
It takes a village... Researchers play capture the flag to find vulns in tools like ChatGPT — with a White House assist.
Read More about Red teamers take on AI at DEF CON 31
SolarWinds hack: Did DOJ know 6 months earlier?
The Department of Justice stays on the down-low: Poster child for software supply chain security? The plot thickens...
Read More about SolarWinds hack: Did DOJ know 6 months earlier?
EU cyber laws ‘will’ make FOSS devs liable
The Python Software Foundation is very, very unhappy with the draft Cyber Resilience Act (CRA) and Product Liability Act (PLA).
Read More about EU cyber laws ‘will’ make FOSS devs liable
Has public USB ‘juice jacking’ made it into the wild?
Déjà vu, but carry protection, dev teams traveling with credentials: Public-USB hacks could finally have gone rogue, per the FBI.
Read More about Has public USB ‘juice jacking’ made it into the wild?