November 10, 2022
This week: Former Uber CSO is convicted for his attempted cover-up of a 2016 hack of the company. Also: A software supply chain attack has pushed out malware to at least 250 media sites.
November 3, 2022
This week: An expected OpenSSL vulnerability may not be as disastrous as was predicted, but is still very real. Also: Unauthorized hackers accessed 130 GitHub repositories as a result of a Dropbox breach.
October 27, 2022
This week: Pro-China operation Dragonbridge targets the U.S. political system. Also: Two flaws in Cisco AnyConnect are being actively exploited.
October 20, 2022
This week: Critical infrastructure sectors such as education and aviation are being targeted by cybercriminals. Also: Software supply chain attacks have increased by 742% in the past 3 years.
October 13, 2022
This week: Google Cloud announces a new solution to tackle software supply chain risk, multiple vulnerabilities in Adobe products could lead to arbitrary code execution, and more.
October 6, 2022
This week: APT groups targeted a defense industrial base sector organization, why SBOMs are a great “first step,” and more.
September 29, 2022
The Week in Security: Bill tasks CISA Director with responsibility for open source software security
This week: A new bill tasks the CISA Director with tackling open source software security, a leaked LockBit builder is being used by a new ransomware gang, and more.
September 22, 2022
This week: The famous hacking group Lapsus$ appears to be back in action. Also: Russian cyber spies are targeting Ukraine by posing as internet providers.