Cybersecurity Blog
Exploiting CI/CD Pipelines for Fun and Profit
On September 8, 2024, a significant exploit chain was discovered, starting from a publicly exposed . git directory, ...
WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers
WordPress.org has announced a new account security measure that will require accounts with capabilities to update ...
UK’s ICO and NCA Sign Memorandum to Boost Reporting and Resilience
The UK’s data protection watchdog and serious and organized crime agency have signed a memorandum of understanding (MoU) ...
Tech Stack Uniformity has Become a Systemic Vulnerability
By recognizing the importance of diversity in technology stacks and incorporating it into security protocols and ...
DoJ Distributes $18.5 Million to Western Union Fraud Victims
The U.S. Department of Justice has distributed $18. 5m to about 3000 victims of fraud facilitated by Western Union. This ...
Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances
The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of SOHO routers and ...
Security Budgets Continue Modest Growth, but Staff Hiring Slows Considerably, Research Finds
Security budgets are seeing modest growth in 2024, with an 8% increase compared to a 6% growth in 2023. However, hiring ...
DragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and Europe
A “simplified Chinese-speaking actor” has been linked to a new campaign that has targeted multiple countries ...