Software Supply Chain Security
Supply Chain Dependency: What Your GitHub Connections May Trigger
Alon Jackson | API Keys, CircleCI breach, connections, GitHub, GitHub repositories, supply chain attack
The writing is on the wall, and it’s hard to avoid after the significant spike in attacks against GitHub repositories. The recent CircleCI breach, in which customers’ secrets and encryption keys were ...
Security Boulevard
GoDaddy Hosting Hacked — for FOURTH Time in 4 Years
Richi Jennings | cPanel, GoDaddy, GoDaddy hacked, godaddy.com, hacked WordPress, hosting, hosting provider, persistence, Persistent Threats, SB Blogwatch, webhosting, Website Hosting
GoDaddy’s web hosting service breached yet again. This time, the perps were redirecting legit websites to malware ...
Security Boulevard
Anker’s Eufy Admits ‘Lie’ After TWO Months — Still no Apology
Richi Jennings | Anker, E2EE, end-to-end encryption, Eufy, GDPR, Internet of things, iot, Privacy, SB Blogwatch, Security Cameras, The ‘S’ in IoT stands for Security
Anker said its Eufy cameras never send unencrypted video. But a couple of months ago, researchers discovered they did. Despite the clear evidence, Anker denied, delayed and deflected ...
Security Boulevard
Another Password Manager Leak Bug: But KeePass Denies CVE
Richi Jennings | CVE-2023-24055, default settings, Dominik Reichl, KeePass, open source, password managers, SB Blogwatch
Two researchers report vulnerability in KeePass. But lead developer Dominik Reichl says it’s not a problem—and refuses to fix the flaw ...
Security Boulevard
After hack, CircleCI tells devs to update secrets now
In this latest attack on software development environments, the CircleCI platform may have exposed secrets used by millions of software developers ...