Security News > 2022 > August > Week in review: RCE bug in GitLab patched, phishing PyPI users, Escanor malware in MS Office docs
Phishing PyPI users: Attackers compromise legitimate projects to push malware
PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users.

DDoS tales from the SOC
In this Help Net Security video, Bryant Rump, Principal Security Architect at Neustar Security Services, talks about the challenges of mitigating immense DDoS attacks.

How vulnerable supply chains threaten cloud security
Organizations are struggling to sufficiently secure new cloud environments implemented during the pandemic, while maintaining legacy equipment and trying to adapt their overall security strategy to the evolving landscape, according to a Proofpoint study released in collaboration with The Cloud Security Alliance.

CISOs see little need for a point solution to cover ransomware risk
In this Help Net Security video, Sara Behar from YL Ventures talks about how CISOs see little need for a point solution to cover ransomware risk, believing instead in utilizing a full security stack for a multi-layered approach that addresses many security concerns at once.

New social engineering tactics discovered in the wild
In this Help Net Security video, Otavio Freire, President and CTO at SafeGuard Cyber, offers insight on new social engineering tactics discovered in the wild, and illustrates how phishing attacks are changing, including how they're evolving beyond email.

We need to think about ransomware differently
In this Help Net Security video, David Mahdi, Chief Strategy Officer & CISO Advisory at Sectigo, talks about how ransomware isn't solely a malware problem: bad actors want access to your data, so it really is a data security and access problem.