TechstrongGroup

PlatformEngineering.com: Strengthening Security in the Software Development Lifecycle  – Source: securityboulevard.com https://ciso2ciso.com/platformengineering-com-strengthening-security-in-the-software-development-lifecycle-source-securityboulevard-com/ #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #platformengineering #CyberSecurityNews #SecurityBoulevard #TechstrongGroup #SocialFacebook #SocialLinkedIn #websitelaunch #Spotlight #FEATURED #SocialX #News

The #Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup.

More software supply-chain security shenanigans: #PyPI came under attack earlier, with more than 500 fake packages with similar names to popular ones. Scrotes unknown have been trying to steal cryptocurrency credentials and other secrets.

Yes, it’s happened yet again. In #SBBlogwatch, we ask if it’s time for a #CodeReuse rethink. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2024/03/pypi-suspended-500-fakes-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

#Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures.

An enormous cache of documents and data from a #Chinese hacking outfit got leaked by an insider. The state sponsored company, #ISoon, seems to have a disgruntled mole who made all its secrets public.

Analysts will be poring over the data for months. In #SBBlogwatch, we lap it up, like a Pooh laps hunny. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2024/02/china-hacking-i-soon-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

Researchers reconstruct your #fingerprint by listening to you swipe.

Can scrotes steal your fingerprints just by eavesdropping? An academic paper claims they can. Although accuracy isn’t perfect—yet.

As more and more sensitive stuff is secured behind #biometrics, it’s a bit of a worry. In #SBBlogwatch, we deregister our swiping fingers. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2024/02/printlistener-fingerprint-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

11-nation army led by UK eliminates ransomware-for-hire scrotes’ servers.

The UK’s National Crime Agency has broken the #LockBit gang. With help from the U.S., Canada, Australia, Finland, France, Germany, Japan, Netherlands, Sweden and Switzerland, the Russian ransomware-as-a-service infrastructure is no more.

Those plucky Brits got the scrotes’ data, too. In #SBBlogwatch, we break out the warm beer with some delicious fish and chips. At #TechstrongGroup’s #'SecurityBlvd: https://securityboulevard.com/2024/02/lockbit-op-cronos-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

Yet another hack of Sony: Emergent #ransomware gang #Ransomed.vc says it pwned entire #Sony group.

“We are currently investigating. … We have no further comment.” In today’s #SBBlogwatch, we’re not 100% surprised. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/09/sony-hacked-ransomed-vc-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

In this week’s #TheLongView:
#Google fires hundreds of #recruiters, and
#ARM gets a sky-high #IPO valuation.

At #TechstrongGroup’s #DevOpsDotCom: https://devops.com/google-recruiters-arm-valuation-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc #DevOps

After Apple’s #BLASTPASS patches, come a bunch of others. Exploits are in the wild.

The bug is in #libwebp​—a Google #WebP image library built in to many apps. In today’s #SBBlogwatch, we prepare for carpal tunnel. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/09/patch-everything-widely-used-webp-code-has-critical-bug/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

#MGMResorts has pulled the plugs—it’s come under cyberattack. Seems like another #ransomware attack.

#MGM is a huge deal in #LasVegas, owning 12 properties. In today’s #SBBlogwatch, we’re not staying in #Vegas. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/09/mgm-ransomware-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

#Google says its #TopicsAPI is ready: #PrivacySandbox is shipping in #Chrome—finally. So, la $GOOG is preparing to switch off #tracking #cookies.

Sinister land grab? In today’s #SBBlogwatch, we see both sides. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/09/google-privacy-sandbox-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

In this week’s #TheLongView:
#Birmingham looks like the Detroit of the UK—is it #Oracle’s fault?
Was #Toyota’s factory failure caused by running out of disk space?

At #TechstrongGroup’s #DevOpsDotCom: https://devops.com/oracle-birmingham-erp-toyota-space-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

All top car brands collect personal data. They probably share and/or sell it, they don’t keep it secure—and good luck opting out. The #Mozilla Foundation is horrified.

In today’s #SBBlogwatch, we drive the point home. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/09/car-privacy-mozilla-richixbw/?utm_source=richisoc

#Sourcegraph’s #LLM was hacked last week. Scrotes labored for days to make it available free.

Some #PII might have leaked, too. The company isn’t sure. In today’s #SBBlogwatch, we check our GitHub repos (yet again). At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/09/sourcegraph-secrets-ai-llm-richixbw/?utm_source=richisoc

#China accused of hiding #spyware in app stores. APT #GREF put #BadBazaar in cloned #Signal & #Telegram.

#Google acted (slowly), but #Samsung failed to do anything. In today’s #SBBlogwatch, we’re all about the déjà vu. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/08/badbazaar-signal-telegram-gref-richixbw/?utm_source=richisoc&utm_medium=social&utm_campaign=richisoc

World’s biggest loader #botnet has ceased to be. Bereft of life—thanks to @TheJusticeDept & Euro partners.

#Qakbot has rung down the curtain. In today’s #SBBlogwatch, we’ve gone to join the choir invisible. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/08/qakbot-fbi-duck-hunt-richixbw/?utm_source=richisoc #DuckHunt

#Trains all over #Poland are mysteriously slamming on the brakes, with #Putin’s voice heard on the drivers’ radios—backed with the Russian national anthem. So, of course, the mainstream media is all up in a lather about #Russian hackers.

Or was it just a modern-day #BlueBox prank? In today’s #SBBlogwatch, we grab some delicious Cap’n Crunch. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/08/russia-hack-poland-trains-richixbw/?utm_source=richisoc

In this week’s #TheLongView:
#Scrum sucks, sources say; and
Here comes the #Linux 6.5 kernel.

At #TechstrongGroup’s #DevOpsDotCom: https://devops.com/scrum-cancer-linux-6-5-richixbw/?utm_source=richisoc #DevOps

If hackers can silently watch your inbox, they can also break into your other accounts.

So Google’s adding #authentication to the #Gmail settings scrotes use. In today’s #SBBlogwatch, we finally sort out our #2FA. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/08/gmail-extra-2fa-richixbw/?utm_source=richisoc

In this week’s #TheLongView:
Translating legacy #COBOL code to a slightly more modern language, and
#Arm will go public (again) next month.

At #TechstrongGroup’s #DevOpsDotCom: https://devops.com/ibm-llm-ai-cobol-java-arm-ipo-richixbw/?utm_source=richisoc #DevOps

Seems to be #ransomware. It’s been a long time coming. In today’s #SBBlogwatch, we smell #legacy systems. At #TechstrongGroup’s #SecurityBlvd: https://securityboulevard.com/2023/08/rapattoni-mls-ransomware-richixbw/?utm_source=richisoc #Rapattoni #MLS