Security News

Australian Craig Wright has finally admitted he is not the inventor of Bitcoin after losing several cases in the High Court of England and Wales, whose judge has suggested he be investigated for perjury. Wright has for years claimed to be Satoshi Nakamoto - the pseudonym used by whoever wrote the whitepaper that defined Bitcoin and created the reference architecture for the cryptocurrency.

The infamous cybercrime group known as Scattered Spider has incorporated ransomware strains such as RansomHub and Qilin into its arsenal, Microsoft has revealed. Scattered Spider is the...

Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. It has been described as a remote command execution flaw in the Gremlin graph traversal language API. "Users are recommended to upgrade to version 1.3.0 with Java11 and enable the Auth system, which fixes the issue," the Apache Software Foundation noted in late April 2024.

In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Use shift left tools to catch authentication and authorization issues early in the development process, ensuring that security is a foundational aspect of your API. What metrics or indicators should organizations focus on to detect and respond to API security threats?

SubSnipe is an open-source, multi-threaded tool to help find subdomains vulnerable to takeover. It's simpler, produces better output, and has more fingerprints than other subdomain takeover tools.

As a Cybersecurity Analyst II, you will drive complex investigations and conduct deep analysis of security events, across various company security platforms, focused on rapid containment and remediation. As a Cyber Security Engineer, you will manage and maintain the platforms, applications and security systems that deliver infrastructure security services to the Bank, with specific emphasis on endpoint security and web proxies.

The report found the GitHub Actions marketplace's security posture to be especially concerning, with most custom Actions not verified, maintained by one developer, or generating low-security scores based on OpenSSF Scorecard. Insecure GitHub Actions could allow attackers to compromise open-source and initiate supply chain attacks or use them as an initial attack vector into organizations that use GitHub.

MuddyWater, an Iranian government-backed cyber espionage crew, has upgraded its malware with a custom backdoor, which it's used to target Israeli organizations. It's since moved on to phishing campaigns that deploy a new backdoor - dubbed BugSleep - according to Check Point Research.

Kaspersky is offering free security products for six months and tips for staying safe as a parting gift to consumers in the United States. [...]

CISA is warning that a critical GeoServer GeoTools remote code execution flaw tracked as CVE-2024-36401 is being actively exploited in attacks. On June 30th, GeoServer disclosed a critical 9.8 severity remote code execution vulnerability in its GeoTools plugin caused by unsafely evaluating property names as XPath expressions.