The Week in Security

January 26, 2023

The Week in Security: After breach, 'unusual activity' detected in GoTo and LastPass dev environments

This week: GoTo says its 2022 breach was worse than reported, also affecting LastPass. Also: A hacktivist finds FBI No Fly list on an unsecured server.
January 19, 2023

The Week in Security: PyPI hit by ‘Lolip0p’ info-stealing attack, ransomware targets ship fleet

This week: A new software supply chain attack has been discovered on PyPI. Also: A ransomware attack on ship management software impacts 1000 vessels.
January 12, 2023

The Week in Security: When AI attacks, ChatGPT lowers the bar for developing malware

This week: Trojan Puzzle attack shows how AI can be trained for malicious purposes. Also: ChatGPT is enabling script kiddies to write functional malware. 
January 5, 2023

The Week in Security: Ransomware attacks close out 2022 with a bang, PyTorch compromise explored

The tail-end of 2022 was plagued by ransomware attacks on critical infrastructure. Also, we break down the PyTorch software supply chain attack.
December 22, 2022

The Week in Security: Okta says source code stolen. Also: SentinelSneak: PyPi moduel poses as security SDK

Okta is hit with another supply chain attack. Also, ReversingLabs discovered a malicious PyPI package posing as a SentinelOne SDK client.
December 15, 2022

The Week in Security: Wiper malware rains down on 2022, Microsoft certificates abused

This week: Twelve malware wipers have been discovered in 2022. Also: The Cuba ransomware gang abused Microsoft certificates to sign malware.
December 1, 2022

The Week in Security: Docker Hub leaks secrets, Black Basta ransomware gangs up on retailer

This week: Another open-source platform is being used by cybercriminals. Also: the Black Basta ransomware gang takes credit for the attack on Maple Leaf Foods. 
November 17, 2022

The Week in Security: Disguised Russian software used in U.S. Army, CDC applications

This week: software security and international relations collide as one tech company falsely brands itself as a U.S. software supplier. Also: a Canadian supermarket chain has been hit with a ransomware attack.