[HackerNews] Chinese Hackers Exploit Latest SolarWinds 0-Day to Target U.S. Defense Firms

Microsoft on Tuesday disclosed that the latest string of attacks targeting SolarWinds Serv-U managed file transfer service with a now-patched remote code execution (RCE) exploit is the handiwork of a Chinese threat actor dubbed “DEV-0322.”
The revelation comes days after the Texas-based IT monitoring software maker issued fixes for the flaw that could enable adversaries to remotely run arbitrary

Source: Read More (The Hacker News)

You might be interested in …

[ZDNet] Dump Google Chrome and keep (almost) all the benefits

All posts, ZDNet

Better performance, longer battery life, and none of the Google stuff. Source: Read More (Latest topics for ZDNet in Security)

Read More

[SecurityWeek] Threat Actors Target Kubernetes Clusters via Argo Workflows

All posts, Security Week

Threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners, according to a warning from security vendor Intezer. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[SecurityWeek] New ‘Allstar’ App Enforces Security Best Practices for GitHub Projects

All posts, Security Week

The Open Source Security Foundation (OpenSSF) on Wednesday announced the availability of a new GitHub app that can be used to automatically and continuously enforce security best practices for GitHub projects. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.