Lacework tracks Moobot: botnet that targets vulnerable Docker APIs
There is an abundance of Mirai-based botnets in the wild however “Moobot”, which targets vulnerable Docker APIs, recently showed up...
Month: October 2020
Bug bounty programs don’t always pay up: researchers
Bug bounty platforms have filled a genuine need by connecting security researchers and pen-testers with products vendors in a manner...
Palo Alto Networks researcher discovers Linux privilege escalation vulnerability
A privilege escalation vulnerability had been lurking in the Linux kernel all this time until being discovered by a Palo...
5 virtual events to attend for Cybersecurity Awareness Month 2020
In the U.S., Cyber Security Awareness Month (NCSAM) is observed in the month of October. This is the time to...
Sonatype releases Advanced Development Pack with next-gen DevSecOps intelligence
Fulton, MD – Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today unveils its...
Office 365 phishing page evades detection using Google captcha
A newly discovered phishing campaign makes the recipient solve captchas in an effort to both add some legitimacy to itself...
Slack is down and lagging for users across the world
Slack, the widely popular workplace messaging app has stopped working for multiple users across the globe or at least experiencing...
Gravatar API lets you scrape millions of user profiles
Yesterday, I reported on BleepingComputer how Gravatar API makes it easy for web scrapers and bots to automatically enumerate Gravatar...
Telegram app used by malware to infiltrate online stores
An ongoing trend observed by cybersecurity analysts and malware researchers reveals Telegram messaging service is being abused by malware authors...
NodeJS malware caught exfiltrating IPs, username, and device information on GitHub
Multiple NodeJS packages laden with malicious code have been spotted on npm registry. These "typosquatting" packages served no purpose other...
