CEH

14/01/2025

07/12/2021

✦ When Cybercriminals Hide in Plain Sight: Hacking Platforms You Know and Trust ✦

🗓 Wednesday, December 08, 2021
2:00 PM Eastern Standard Time

Join this week's webinar and learn why your users should think twice before trusting even the most established platforms.

In this webinar Perry Carpenter and Kevin Mitnick talk about:

⇢ Why you shouldn’t always trust legitimate providers like Microsoft Teams
⇢ How something as innocuous as an office printer can be weaponized
⇢ Why pre-texting bots may be your organization’s biggest threat
⇢ Top 3 tips for preventing cyber attacks

Eye-opening hacking demos you won't want to miss
See the dangers lurking behind these seemingly innocent actions for yourself.

19/06/2021

Google Releases New Framework to Prevent Software Supply Chain Attacks ::--

As software supply chain attacks emerge as a point of concern in the wake of SolarWinds and Codecov security incidents, Google is proposing a solution to ensure the integrity of software packages and prevent unauthorized modifications.

Called "Supply chain Levels for Software Artifacts" (SLSA, and pronounced "salsa"), the end-to-end framework aims to secure the software development and deployment pipeline — i.e., the source ➞ build ➞ publish workflow — and mitigate threats that arise out of tampering with the source code, the build platform, and the artifact repository at every link in the chain.



Google said SLSA is inspired by the company's own internal enforcement mechanism called Binary Authorization for Borg, a set of auditing tools that verifies code provenance and implements code identity to ascertain that the deployed production software is properly reviewed and authorized.

"In its current state, SLSA is a set of incrementally adoptable security guidelines being established by industry consensus," said Kim Lewandowski of Google Open Source Security Team and Mark Lodato of the Binary Authorization for Borg Team....

05/06/2021

Necro Python malware has been enhanced with new exploits for more than 10 different web apps and the SMB protocol, as well as Tezos cryptocurrency mining capabilities....

18/05/2021

Researchers demonstrated how attackers could upload data from non-internet-connected devices by taking advantage of the Find My Network feature in nearby Apple devices.....

17/12/2020

WATCH OUT! In a newly spotted SUPPLY-CHAIN attack, attackers compromised the Vietnam Government Certification Authority server and distributed a BACKDOORED version of the digital signature toolkit to install PhantomNet malware.....

24/11/2020

BEWARE..! Stantinko adware and coin-mining botnet is now targeting Linux servers with a new version of PROXY malware to fly under the radar....

18/11/2020

Wanna learn how to hack Bluetooth devices?

Try BLE HackMe, a free tool for Windows 10 that simulates various BLE devices without the need for any dedicated hardware and offers various hands-on hacking challenges for practice...

17/10/2020

Microsoft has issued a warning about a new ransomware malware that leverages incoming call notifications and Android's Home button to lock the device behind a ransom note.....

17/10/2020

German police raided 15 residential and business premises linked to commercial spyware company FinFisher over illegally exporting the software abroad without proper authorization....

15/08/2020

Happy Independence Day..