Blog | ReversingLabs | The Week in Security (2)

May 18, 2023

The Week in Security: Capita AWS bucket exposes benefits data, Toyota leaks customer data on 2M

This week: An unsecured AWS bucket exposed English citizen’s data. Also: A data breach on Toyota leaked the data of more than 2 million customers.

May 11, 2023

The Week in Security: Coalition takes down Russia's Snake espionage tool, GitHub plugs API leaks

U.S. and other countries take down Russia’s Snake malware, used to conduct global espionage. Also: GitHub auto-blocks API key and token leaks for all repos.

May 4, 2023

The Week in Security: Sunburst attack set off alarms for months before discovery

The DOJ detected the SolarWinds Orion breach six months prior to public disclosure. Also: anxiety, fear, depression - the life of a ransomware criminal.

April 27, 2023

The Week in Security: A possible Colonial Pipeline 2.0, ransomware takes bite out of American eateries

This week: Canadian gas pipeline explosion could have been caused by a cyber attack. Also: Financial services firm NCR hit with a ransomware attack.

April 20, 2023

The Week in Security: 3CX attack caused by earlier supply chain hack, malware in Google Play

This week: One software supply chain attack caused another, making it a first for the industry. Also: Malware spreads via apps in the Google Play Store.

April 13, 2023

The Week in Security: 3CX attackers identified as North Korean, CISA pushes Secure by Design

The attackers behind the 3CX software supply chain attack have been identified as North Korean. Also: CISA aims to shift the cybersecurity burden to tech.

April 6, 2023

The Week in Security: Social engineering-attacks up with the rise of AI tools, Genesis Market seized

This week: Research connects the rise of AI tools and an increase in social engineering attacks. Also: A stolen credentials site is seized by the FBI.

March 30, 2023

The Week in Security: Twitter gets subpoena for source code leak, 3CX supply chain attack surfaces

This week: GitHub is issued a subpoena by Twitter over leaked source code. Also: 3CX software supply chain attack leaves millions at risk.

March 23, 2023

The Week in Security: NuGet hit by typosquatting, fake ChatGPT plug-in hijacks Facebook accounts

This week: NuGet is hit with a malicious typosquatting campaign. Also: A malicious ChatGPT Chrome extension is hijacking Facebook accounts.

March 16, 2023

The Week in Security: YoroTrooper steals credentials in Europe, AI-created videos spread malware

A Russian-speaking threat actor has breached several European organizations. Also: AI-created videos on YouTube are spreading infostealer malware.

March 9, 2023

The Week in Security: Lazarus attacks same South Korean entity twice, use of hard-coded secrets is up

North Korean-linked hacking group Lazarus attacked the same South Korean financial entity twice in 2022. Also: The number of hard-coded secrets is way up.

March 2, 2023

The Week in Security: LastPass shares disturbing breach details, CISA calls for software maker liability

New details expose that the recent hack on LastPass was worse than previously thought. Also: CISA has called for for software makers who develop insecure software to be held liable.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

The Week in Security (2)

The Week in Security: Capita AWS bucket exposes benefits data, Toyota leaks customer data on 2M

The Week in Security: Coalition takes down Russia's Snake espionage tool, GitHub plugs API leaks

The Week in Security: Sunburst attack set off alarms for months before discovery

The Week in Security: A possible Colonial Pipeline 2.0, ransomware takes bite out of American eateries

The Week in Security: 3CX attack caused by earlier supply chain hack, malware in Google Play

The Week in Security: 3CX attackers identified as North Korean, CISA pushes Secure by Design

The Week in Security: Social engineering-attacks up with the rise of AI tools, Genesis Market seized

The Week in Security: Twitter gets subpoena for source code leak, 3CX supply chain attack surfaces

The Week in Security: NuGet hit by typosquatting, fake ChatGPT plug-in hijacks Facebook accounts

The Week in Security: YoroTrooper steals credentials in Europe, AI-created videos spread malware

The Week in Security: Lazarus attacks same South Korean entity twice, use of hard-coded secrets is up

The Week in Security: LastPass shares disturbing breach details, CISA calls for software maker liability

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

The Week in Security (2)

Topics

Follow us

Subscribe

Special Reports