The Week in Security (2)

November 10, 2022

The Week in Security: Former Uber CSO convicted over hack cover-up, supply chain attack targets media

This week: Former Uber CSO is convicted for his attempted cover-up of a 2016 hack of the company. Also: A software supply chain attack has pushed out malware to at least 250 media sites. 
November 3, 2022

The Week in Security: OpenSSL danger downgraded but still real, GitHub exposed

This week: an expected OpenSSL vulnerability may not be as disastrous as was predicted, but is still very real. Also: Unauthorized hackers accessed 130 GitHub repositories as a result of a Dropbox breach. 
October 27, 2022

The Week in Security: Pro-China cyber operation Dragonbridge targets U.S. elections

This week: Pro-China operation Dragonbridge targets the U.S. political system. Also: Two flaws in Cisco AnyConnect are being actively exploited. 
October 20, 2022

The Week in Security: Attacks on critical infrastructure and the software supply chain take off

This week: Critical infrastructure sectors such as education and aviation are being targeted by cybercriminals. Also: software supply chain attacks have increased by 742% in the past 3 years. 
October 13, 2022

The Week in Security: Google takes next step on supply chain risk, UK issues software security guidance

This week: Google Cloud announces new solution to tackle software supply chain risk, multiple vulnerabilities in Adobe products could lead to arbitrary code execution, and more. 
October 6, 2022

The Week in Security: CISA alerts on open source tool, SBOMs are just the 'first step'

This week: APT groups targeted a defense industrial base sector organization, why SBOMs are a great “first step,” and more. 
September 29, 2022

The Week in Security: Bill tasks CISA Director with responsibility for open source software security

This week: A new bill tasks the CISA Director with tackling open source software security, a leaked LockBit builder is being used by a new ransomware gang, and more.
September 22, 2022

The Week in Security: Is Lapsus$ back in action?

This week: The famous hacking group Lapsus$ appears to be back in action. Also: Russian cyber spies are targeting Ukraine by posing as internet providers.