Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned Nov 01, 2024Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have flagged a “massive” campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is Read more…
DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more. What is Docker? Docker is an open-source platform that automates the deployment, Read more…
Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private End-to-end encrypted (E2EE) messaging app Signal said it’s piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes. “If you use Signal, Read more…
WhatsApp’s New Secret Code Feature Lets Users Protect Private Chats with Password Dec 01, 2023NewsroomPrivacy / Data Protection Meta-owned WhatsApp has launched a new Secret Code feature to help users protect sensitive conversations with a custom password on the messaging platform. The feature has been described as an “additional way Read more…
Experts Uncover Passive Method to Extract Private RSA Keys from SSH Connections Nov 27, 2023NewsroomServer Security / Encryption A new study has demonstrated that it’s possible for passive network attackers to obtain private RSA host keys from a vulnerable SSH server by observing when naturally occurring computational faults that occur Read more…