Welcome to another Afternoon Dessert breakout:
Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware
New research has found that it is possible for threat actors to abuse a legitimate feature in GitHub Codespaces to deliver malware to victim systems.
GitHub Codespaces is a cloud-based configurable development environment that allows users to debug, maintain, and commit changes to a given codebase from a web browser or via an integration in Visual Studio Code.
It also comes with a port
Nissan North America data breach caused by vendor-exposed database
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information. […]
Microsoft Azure Services Flaws Could’ve Exposed Cloud Resources to Unauthorized Access
Four different Microsoft Azure services have been found vulnerable to server-side request forgery (SSRF) attacks that could be exploited to gain unauthorized access to cloud resources.
The security issues, which were discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins, have since been addressed
IT Burnout may be Putting Your Organization at Risk
The heavy responsibility of securing organizations against cyber-attacks can be overwhelming for security professionals. There are concrete solutions to IT burnout that your organization should implement as soon as possible to mitigate the risks of burnout. […]
Serious Security: Unravelling the LifeLock “hacked passwords” story
Four straight-talking tips to improve your online security, whether you’re a LifeLock customer or not.
Multi-million investment scammers busted in four-country Europol raid
216 questioned, 15 arrested, 4 fake call centres searched, millions seized…
Over 4,000 Sophos Firewall devices vulnerable to RCE attacks
Over 4,000 Sophos Firewall devices exposed to Internet access are vulnerable to attacks targeting a critical remote code execution (RCE) vulnerability. […]