Malware in PyPI Code Shows Supply Chain Risks

Malware in PyPI Code Shows Supply Chain Risks

A code backdoor in a package on the Python Package Index demonstrates the importance of verifying code brought in from code repositories. The pace of…

View More Malware in PyPI Code Shows Supply Chain Risks
China installs spyware on tourists’ Android phones, downloads data from iPhones

China installs spyware on tourists’ Android phones, downloads data from iPhones

Foreigners visiting certain areas of China are having their smartphones searched at the border. With Android phones, authorities install a piece of spyware that has…

View More China installs spyware on tourists’ Android phones, downloads data from iPhones
Major HSM vulnerabilities impact banks, cloud providers, governments

Major HSM vulnerabilities impact banks, cloud providers, governments

Two security researchers have recently revealed vulnerabilities that can be exploited remotely to retrieve sensitive data stored inside special computer components known as HSMs (Hardware…

View More Major HSM vulnerabilities impact banks, cloud providers, governments
Google Confirms Android Smartphone Security Backdoor

Google Confirms Android Smartphone Security Backdoor

Earlier this year, Forbes reported how a banking Trojan called Triada had been found on a bunch of brand new budget Android smartphones. Google has now confirmed…

View More Google Confirms Android Smartphone Security Backdoor
12k+ Android apps contain master passwords, secret access keys, secret commands

12k+ Android apps contain master passwords, secret access keys, secret commands

A comprehensive academic study published this week has discovered hidden backdoor-like behavior — such as secret access keys, master passwords, and secret commands — in…

View More 12k+ Android apps contain master passwords, secret access keys, secret commands
Cyber Kill Chain - Lockheed Martin

Cyber Kill Chain – Lockheed Martin

Security incidents are events that may indicate that an organization’s systems or data have been compromised or that measures put in place to protect them…

View More Cyber Kill Chain – Lockheed Martin
IT Security Pros Slam State-Backed Encryption Backdoors

IT Security Pros Slam State-Backed Encryption Backdoors

Most IT security professionals believe governments that mandate end-to-end encryption backdoors are exposed to a greater risk of nation state cyber-attacks, according to Venafi. The…

View More IT Security Pros Slam State-Backed Encryption Backdoors