The Week in Security

December 1, 2022

The Week in Security: Docker Hub leaks secrets, Black Basta ransomware gangs up on retailer

This week: Another open-source platform is being used by cybercriminals. Also: the Black Basta ransomware gang takes credit for the attack on Maple Leaf Foods. 
November 17, 2022

The Week in Security: Disguised Russian software used in U.S. Army, CDC applications

This week: software security and international relations collide as one tech company falsely brands itself as a U.S. software supplier. Also: a Canadian supermarket chain has been hit with a ransomware attack. 
November 10, 2022

The Week in Security: Former Uber CSO convicted over hack cover-up, supply chain attack targets media

This week: Former Uber CSO is convicted for his attempted cover-up of a 2016 hack of the company. Also: A software supply chain attack has pushed out malware to at least 250 media sites. 
November 3, 2022

The Week in Security: OpenSSL danger downgraded but still real, GitHub exposed

This week: an expected OpenSSL vulnerability may not be as disastrous as was predicted, but is still very real. Also: Unauthorized hackers accessed 130 GitHub repositories as a result of a Dropbox breach. 
October 27, 2022

The Week in Security: Pro-China cyber operation Dragonbridge targets U.S. elections

This week: Pro-China operation Dragonbridge targets the U.S. political system. Also: Two flaws in Cisco AnyConnect are being actively exploited. 
October 20, 2022

The Week in Security: Attacks on critical infrastructure and the software supply chain take off

This week: Critical infrastructure sectors such as education and aviation are being targeted by cybercriminals. Also: software supply chain attacks have increased by 742% in the past 3 years. 
October 13, 2022

The Week in Security: Google takes next step on supply chain risk, UK issues software security guidance

This week: Google Cloud announces new solution to tackle software supply chain risk, multiple vulnerabilities in Adobe products could lead to arbitrary code execution, and more. 
October 6, 2022

The Week in Security: CISA alerts on open source tool, SBOMs are just the 'first step'

This week: APT groups targeted a defense industrial base sector organization, why SBOMs are a great “first step,” and more.