Tag: open source risk
CISA and EPA Launch Water Sector Cyber Toolkit – February 2nd
CISA and EPA Launch Water Sector Cyber Toolkit Amid the recent string
Trello Data Breach Exposes 15M Users – January 29th
Initially noted by the 'Have I Been Pwned?' breach notification service, user data of 15 million Trello users are now exposed, and peddled on Dark Web hacking forums. Atlassian, Trello's parent company commented on the attack, claiming they've taken significant steps to prevent such data scraping attacks. They will continue to investigate and mitigate the situation surrounding the cyber attack.
Cybersecurity Experts Question ‘Cyber Scam Warning’ Effectiveness – January 19th
The concern of official cyber scam warnings potentially being ineffective was raised by cybersecurity firms, Praxis Labs, eSentire, stemming from Dubai and Ghana cyber and law enforcement agency reports. After multiple cyber scam warnings issued by the Dubai Police and the Cyber Security Authority of Ghana, reports of victims continuously poured in for these “search engine scams”. Following the incidents, researchers at Praxis Labs and eSentire released statements on human behavior corresponding to cyber, by being on "default mode" and for search engines, the issuance of "implicit trust".
CISA Warns Google Chrome Users of Open Source Vulnerabilities – January 4th
In an announcement addressed to US Federal Agencies, the Cybersecurity and Infrastructure Security Agency (CISA) warned Google Chrome users of a vulnerability (CVE-2023-7101) impacting the web browser's open-source Perl library. The Google vulnerability affects an open-source project, Google Chromium WebRTC, which as a result allows threat actors to cause browser crashes and launch other actions.