SEARCH
Docker Hub Breach Can Have a Long Reach
Docker revoked tokens linking GitHub and Bitbucket with Docker Hub accounts after discovering "unauthorized access" in its Hub database. Developers should check their code to ensure no unauthorized changes have been made.
New Side-Channel Attack Extracts Private Keys From Some Qualcomm Chips
Researchers from NCC Group developed an attack that can pull private keys from the hardware-backed keystore in some Qualcomm chips.
Criminals Hosting Phishing Kits on GitHub
Criminals Hosting Phishing Kits on GitHub
DNSpionage Attackers Deploying New Karkoff Backdoor
The DNSpionage attack group is now using a new backdoor called Karkoff, which may have ties to the OilRig leaks as well.
Microsoft Will No Longer Recommend Forcing Periodic Password Changes
Users who hate having to change their Windows passwords every 60 days can rejoice: Microsoft now agrees that there is no point to forced password changes and will be removing that recommendation from its security recommendations.