The OSPO – the front line for secure open-source software supply chain governance
Organizations of every shape, size, and sector have embraced open-source software (OSS). The financial, medical, and manufacturing industries – and even national security – now use OSS to power...
Scary stats: $3B stolen in 2022 as of ‘Hacktober,’ doubling 2021
The month of October has broken all records for crypto exploits and the amount of digital loot pilfered — living up to its new moniker of “Hacktober” — according...
White House Convenes International Ransomware Summit
U.S. officials will meet this week with delegations from more than 36 countries to share intelligence and strategize about how to push back against crippling and costly ransomware attacks...
Patch Now: Dangerous RCE Bug Lays Open ConnectWise Server Backup Managers
ConnectWise has patched a critical remote code execution (RCE) vulnerability in its ConnectWise Recover and R1Soft server backup manager technologies that could give attackers a way to compromise thousands...
Team Finance hacker returns $7M to associated projects after exploit
Four projects have received some $7 million worth of tokens from the hacker behind the $14.5 million Team Finance exploit on Oct. 27. Over the weekend, the attacker confirmed in...
Compound pauses 4 tokens to avoid price manipulation: Finance Redefined
Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week. After the Mango Markets...
Cranefly Cyberspy Group Spawns Unique ISS Technique
Hacking group Cranefly is using the new technique of using Internet Information Services (IIS) commands to deliver backdoors to targets and carry out intelligence-gathering campaigns. Researchers at Symantec have observed...
Dark Web Forum Busts Come Days Apart
A pair of splashy busts this week, one in the US and the other in Germany, demonstrates that global law enforcement teams are actively pursuing Dark Web forum criminal activity. On...
How to Attract Top Research Talent for Your Bug Bounty Program
As vulnerabilities continue to take center stage and organizations look to launch bug bounty and security assurance programs, the competition for good researchers is fierce. But it can be...
Cryptojacking, Freejacking Compromise Cloud Infrastructure
Cryptojacking is creeping back, with attackers using a variety of schemes to leech free processing power from cloud infrastructure to focus on mining cryptocurrencies such as Bitcoin and Monero. Cryptominers...











