2024-03-30
Chainguard Images are built to reduce the number of components inside, only using what is required to build or run an application. Because of these minimal and intentional design decisions, @chainguard_dev Images do not include SSH or liblzma by default.
Ars Technica
Researchers find malicious code in versions of the compression tool XZ Utils that were incorporated into Linux distributions from Red Hat, Debian, and others
Malicious code planted in xz Utils has been circulating for more than a month. — Researchers have found a malicious backdoor …
2023-08-02
Sheeeeeeesh. “Researchers at Texas-based Halcyon said a company called Cloudzy had been leasing server space and reselling it to no fewer than 17 different state-sponsored hacking groups from China, Russia, Iran, North Korea, India, Pakistan and Vietnam.”
TechCrunch
Halcyon: Cloudzy, a Wyoming-registered web hosting company likely operating out of Tehran, is acting as a command-and-control provider for state-backed hackers
A little-known cloud company provided web hosting and internet services to more than two dozen different state-sponsored hacking groups …
2023-03-03
Glad to see the @WhiteHouse National Cyber Strategy out in the 🌎. A lot of collaboration and effort went into developing this and i'm hopeful for how it will guide security outcomes in the near and long term. https://www.whitehouse.gov/...
CyberScoop
The Biden administration issues a national cybersecurity strategy, seeking to impose minimum standards, shift responsibility to larger software makers, and more
CyberScoop :
2022-06-25
Love me a little @Google Project Zero & TAG collabo.. New research out today about Italian spyware vendor, RCS Labs, capabilities and targeting of users in Italy & Kazakhstan. https://blog.google/...
TechCrunch
Google details the commercial spyware Hermit, used in Kazakhstan and Italy, targeting Android and iOS; the iOS version has six exploits, including two zero-days
Saturday, June 25, 2022 // (IG): BB //Weekly Sponsor: Dataminr Deeba Ahmed / HackRead : ISPs Helping Attackers Install Hermit Spyware on Smartphones- Google Sergiu Gatlan / Bleepin...
2022-06-24
Love me a little @Google Project Zero & TAG collabo.. New research out today about Italian spyware vendor, RCS Labs, capabilities and targeting of users in Italy & Kazakhstan. https://blog.google/...
TechCrunch
Google details the commercial spyware Hermit, used in Kazakhstan and Italy, targeting Android and iOS; the iOS version has six exploits, including two zero-days
Zack Whittaker / TechCrunch :
2022-03-18
On moving beyond passwords, @google's @christiaanbrand says “Hopefully for the users it will be a small behavioral change, but the technology is a giant leap forward.” https://twitter.com/...
Wired
A look at the FIDO Alliance's vision of a passwordless future, based on a passkey-like “FIDO credential” manager that lets users easily switch between devices
After a decade of work, the FIDO Alliance says it's found the missing piece in the bridge to a password-free future.
2022-03-01
“Many people are quite surprised that there isn't significant integration of cyberattacks into the overall campaign that Russia is undertaking in Ukraine,” said @ShaneHuntley the director of @Google's TAG. “This is mostly business as normal as to the levels of Russian targeting.” https://twitter.com/...
CNBC
Microsoft says cyberattacks using new malware hit Ukraine hours before Russia's invasion began; the company added new signatures to Defender within three hours
- Brad Smith, Microsoft's president, wrote in a blog post on Monday about the company's efforts to keep Ukraine informed of cyberattacks.
“Many people are quite surprised that there isn't significant integration of cyberattacks into the overall campaign that Russia is undertaking in Ukraine,” said @ShaneHuntley the director of @Google's TAG. “This is mostly business as normal as to the levels of Russian targeting.” https://twitter.com/...
Washington Post
After dire predictions, Russia has not yet unleashed a crippling cyberattack on Ukraine, leaving the country with functioning internet and infrastructure
Washington Post :
2021-10-09
Incredibly proud of the work @Google is doing to bring advanced #security to high risk users. This year we delivered over 10,000 keys to high risk users. None of this would be possible w/o our incredible partners @DefendCampaigns, @IFES1987, @UNWomenUSA https://blog.google/...
ZDNet
Google announces new efforts to protect journalists and high-risk users from cyberattacks, including providing over 10,000 free security keys through 2021
The announcement comes one day after the Google TAG team alerted journalists and high-risk groups that could be targets to ongoing attacks.
2021-09-09
“The most significant features of this network remain its scale and persistence, in spite of low engagement levels,” explains @Google TAG director @ShaneHuntley https://twitter.com/...
Wall Street Journal
Researchers: China-linked fake social media accounts tried to draw Asian-Americans to protests against racism; Facebook, YouTube, Twitter suspended the accounts
Dustin Volz / Wall Street Journal : Source: FireEye .