March 28, 2024

Web and Technology News

Open source code for commercial software applications is ubiquitous, but so is the risk

As the SolarWinds and Log4j hacks show, vulnerabilities in open source software used in application development can open doors for attackers with vast consequences. A new study looks at the open source community’s efforts to “credit-rate” the risk.
The…

Iran-backed hackers breached a US federal agency that failed to patch year-old bug

The U.S. government’s cybersecurity agency says hackers backed by the Iranian government compromised a federal agency that failed to patch against Log4Shell, a vulnerability fixed almost a year ago. In an alert published Thursday, the Cybersecurity and Infrastructure Security Agency said that a federal civilian executive branch organization (FCEB) was breached by Iranian government hackers […]

Iran-backed hackers breached a US federal agency that failed to patch year-old bug by Carly Page originally published on TechCrunch

China-backed APT41 compromised ‘at least’ six US state governments

The prolific China APT41 hacking group, known for carrying out espionage in parallel with financially motivated operations, has compromised multiple U.S. state government networks, according to cybersecurity giant Mandiant. The group — seemingly undeterred by U.S. indictments against five APT41 members in 2020 — conducted a months-long campaign during which it targeted and successfully breached […]

China-backed APT41 compromised ‘at least’ six US state governments

The prolific China APT41 hacking group, known for carrying out espionage in parallel with financially motivated operations, has compromised multiple U.S. state government networks, according to cybersecurity giant Mandiant. The group — seemingly undeterred by U.S. indictments against five APT41 members in 2020 — conducted a months-long campaign during which it targeted and successfully breached […]