New “Trojan Source” method lets attackers hide vulnerabilities in source code.

Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.

Accessed on 01 November 2021, 2303 UTC.

Content provided by “DarkReading.com.”

Source:

https://www.darkreading.com/

Please click link or scroll down to read your selections.

Latest News

New ‘Trojan Source’ Method Lets Attackers Hide Vulns in Source Code

Researchers discover a new technique attackers could use to encode vulnerabilities into software while evading detection.


CrowdStrike to Buy Zero-Trust SaaS Provider

SecureCircle provides data-level zero-trust control to endpoints.


 

Free Tool Scans Web Servers for Vulnerability to HTTP Header-Smuggling Attacks

A researcher will release an open source tool at Black Hat Europe next week that roots out server weaknesses to a sneaky type of attack.


APTs, Teleworking, and Advanced VPN Exploits: The Perfect Storm

A Mandiant researcher shares the details of an investigation into the misuse of Pulse Secure VPN devices by suspected state-sponsored threat actors.


Russian National Accused of Role in Trickbot Is Extradited to US

Court documents say Vladimir Dunaev is alleged to have been a malware developer for the Trickbot Group.


Cybercriminals Take Aim at Connected Car Infrastructure

While car makers are paying more attention to cybersecurity, the evolution of automobiles into “software platforms on wheels” and the quick adoption of new features has put connected cars in the crosshairs.


SEO Poisoning Used to Distribute Ransomware

This tactic — used to distribute REvil ransomware and the SolarMarker backdoor — is part of a broader increase in such attacks in recent months, researchers say.


Top Hardware Weaknesses List Debuts

CWE list aimed at designers and programmers to avoid key hardware weaknesses early in product development.


Latest Commentary

Understanding the Human Communications Attack Surface

Companies should recognize that collaboration platforms aren’t isolated, secure channels where traditional threats don’t exist.

Otavio-Freire.png

Nov 01, 2021


A Treehouse of Security Horrors

True-life horrors from conversations with software engineers and developers. D’oh!

Adam-Caudill.png

Oct 29, 2021


 

3 Security Lessons Learned From the Kaseya Ransomware Attack

Organizations can better prepare themselves and their customers for these attacks with some strategies to identify threats before they become a widespread issue.

Photo of Ashok Sankar

Oct 28, 2021


You’ve Just Been Ransomed … Now What?

Six crucial steps executives and IT teams should be prepared to take immediately after a ransomware attack.

Daniel Clayton

Oct 28, 2021


Identity-Focused Security Controls Prevail

How identity and access management strategies held up during the pandemic and tips for putting together an identity security road map.

Photo of Clint Maples

Oct 27, 2021


For the latest cybersecurity news and information, please check the blog sidebar and links.  Thanks for joining us today.

https://cyber-security-intelligence.org

https://www.hawaiigeopoliticalnews.com

https://www.hawaiisciencedaily.info