DevOps
![Vladimir Vladimirovich Putin (or possibly a very good lookalike)](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
‘Russia’ Breaches TeamViewer — ‘No Evidence’ Billions of Devices at Risk
Richi Jennings | | 2-factor authentication, 2fa, 2FA/MFA, APT29, Cozy Bear, CozyCar, CozyDuke, Dark Halo, enshittification, MFA, mfa protection, Midnight Blizzard, multi-factor, multi-factor authenication, Multi-Factor Authentication, Multi-Factor Authentication (MFA), multi-factor-auth, NOBELIUM, Nobeliumm, Office Monkeys, Russia, russia hacker, russia-based, russian, SB Blogwatch, SolarWinds, SolarWinds Vulnerability, solarwinds-hack, StellarParticle, SVR, TeamViewer, The Dukes, two-factor, two-factor athentication, Two-Factor Humor, two-factor-authentication.2fa, UNC2452, YTTRIUM
SolarWinds hackers strike again: Remote access service hacked—by APT29, says TeamViewer ...
Security Boulevard
![The Temu app on a smartphone screen peeking out from a pocket](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Temu is Malware — It Sells Your Info, Accuses Ark. AG
Richi Jennings | | breach of privacy, china, china espionage, Chinese, Chinese Communists, Chinese cyber espionage, chinese government, customer location, geofencing and location tracking, geolocation, Location, location access permission, location access risks, location data, Location data privacy, location history, location intelligence, location privacy, location services, location sharing location tracking, PDD Holdings, Pinduoduo, Privacy, SB Blogwatch, Temu, Whaleco
Chinese fast-fashion-cum-junk retailer “is a data-theft business.” ...
Security Boulevard
![Microsoft Skeleton Key AI jailbreak](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Skeleton Key the Latest Jailbreak Threat to AI Models: Microsoft
Microsoft details Skeleton Key, a new jailbreak technique in which a threat actor can convince an AI model to ignore its built-in safeguards and respond to requests for harmful, illegal, or offensive ...
Security Boulevard
![Finding leaked credentials in Docker images - How to secure your Docker images](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Container Security Scanning: Vulnerabilities, Risks and Tooling
Container security is crucial in the age of microservices and DevOps. Learn about common container vulnerabilities, container security scanning, and popular tools to secure your containers in this comprehensive guide ...
![Introducing Azul Code Inventory](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Trash Pandas Love Enterprise Java Garbage Code
If raccoons were software engineers, they would feel at home inside many enterprise systems. These systems are often full of unused and dead code that was written, fully tested, then altered in ...
![A flock of ostriches (or is it a troop?)](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
WordPress Plugin Supply Chain Attack Gets Worse
Richi Jennings | | hacked WordPress, hacking wordpress, plug-in, plug-in vulnerability, plug-ins, rogue plug-in, SB Blogwatch, software supply chain, software supply chain attack, software supply chain attacks, software supply chain risk, Software Supply Chain risks, Supply-Chain Insecurity, Themes and Plug-ins, wordpress, WordPress plug-in, wordpress plugin update, Wordpress Plugin Vulnerability, WordPress Plugin Vulnerability Exploitation, WordPress Plugins, WordPress Plugins and Themes
30,000 websites at risk: Check yours ASAP! (800 Million Ostriches Can’t Be Wrong.) ...
Security Boulevard
![KC Green’s seminal “This Is Fine” cartoon, where a dog drinks coffee, seemingly oblivious to a fire that’s engulfing the house.](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Microsoft Privacy FAIL: Windows 11 Silently Backs Up to OneDrive
Richi Jennings | | Microsoft, Microsoft Account Security, Microsoft OneDrive, Microsoft Windows, OneDrive, Privacy, SB Blogwatch, Windows, Windows 11
Copying users’ files and deleting some? Even a cartoon hound knows this isn’t fine ...
Security Boulevard
How AttackIQ Can Bolster CORA Compliance in the Federal Government
Kathy Hsu | | actionable insights, AttackIQ, automated security control validation, Automated Testing, Compliance, Continuous Security Control Validation, CORA, Federal, MITRE ATT&CK
Federal agencies need strong security controls and continuous compliance. The Cyber Operational Readiness Assessment (CORA) by the DHS and industry partners enhances critical infrastructure resilience against cyber threats. The post How AttackIQ ...
Addressing Node.js Vulnerabilities in Ubuntu
Rohan Timalsina | | Extended Lifecycle Support, KernelCare Enterprise, Linux & Open Source News, linux kernel patching, linux live patching, node.js, Node.js vulnerabilities, open source, security patches, security vulnerabilites, Ubuntu 18.04 End of Life, Ubuntu 20.04, Ubuntu 22.04, ubuntu 23.10, Ubuntu Security Fixes, Ubuntu Security Updates
Node.js is an open-source, cross-platform JavaScript runtime environment built on the powerful V8 engine from Chrome. It allows you to run JavaScript code outside a web browser, making it popular for building ...
MISRA validation on FreeRTOS
Parts of the FreeRTOS kernel are MISRA 2012 compliant (details are here). I am quite impressed with the work done to make a project originally written without MISRA in mind MISRA-compliant. They used ...