Cybersecurity

6872 readers
56 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago
MODERATORS
kid
[email protected]
listing: all - local
26
2
China-linked FamousSparrow APT group resurfaces with enhanced capabilities - Help Net Security (www.helpnetsecurity.com)
submitted 4 days ago by kid to c/cybersecurity
0 comments fedilink
27
2
New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest (www.securityweek.com)
submitted 4 days ago by kid to c/cybersecurity
0 comments fedilink
28
8
Chinese Weaver Ant hackers spied on telco network for 4 years (www.bleepingcomputer.com)
submitted 6 days ago by [email protected] to c/cybersecurity
1 comments fedilink
29
1
Inside Kimsuky’s Latest Cyberattack: Analyzing Malicious Scripts and Payloads (labs.k7computing.com)
submitted 4 days ago by kid to c/cybersecurity
0 comments fedilink
30
1
RedCurl cyberspies create ransomware to encrypt Hyper-V servers (www.bleepingcomputer.com)
submitted 4 days ago by kid to c/cybersecurity
0 comments fedilink
31
15
New Phishing Campaign Targets macOS Users with Fake Security Alerts (hackread.com)
submitted 1 week ago by kid to c/cybersecurity
3 comments fedilink
32
8
Linux kernel Rust module for rootkit detection (blog.thalium.re)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
33
23
Cyberattack takes down Ukrainian state railway’s online services (www.bleepingcomputer.com)
submitted 1 week ago by kid to c/cybersecurity
1 comments fedilink
34
39
FBI warnings are true—fake file converters do push malware (www.bleepingcomputer.com)
submitted 1 week ago by [email protected] to c/cybersecurity
5 comments fedilink
35
4
New SvcStealer Malware Attacking Users To Steal Sensitive Data From Browsers & Apps (cybersecuritynews.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
36
6
New VanHelsingRaaS Attacking Linux, BSD, ARM, and ESXi Systems (cybersecuritynews.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
37
15
VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware (thehackernews.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
38
11
Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools (securityaffairs.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
39
7
Cloak Ransomware Hits Virginia Attorney General’s Office, Disrupts IT Systems (hackread.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
40
6
Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (www.bleepingcomputer.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
41
11
Steampipe: How to secure API credentials? (sh.itjust.works)
submitted 1 week ago* (last edited 1 week ago) by _synack to c/cybersecurity
11 comments fedilink
 
 

I learned of the existence of steampipe recently, which seems to be an interesting tool to help teams - including cybersecurity teams - understand their cloud assets and ensure compliance with security policies.

I started playing around with it, and one thing that struck me immediately is the need to store API credentials for the various plugins in plaintext in JSON files in your user profile. This struck me as incredibly insecure, especially given that the default UNIX permissions on the files seem to be 644.

Does anyone know if there is a way to store and dynamically retrieve these API credentials more securely, such as in a remote key store like AWS Secrets Manager or Azure Key Vault? I spent awhile searching and watching some YouTube videos, but didn't come across a method to do this.

42
2
Nation-State 'Paragon' Spyware Infections Target Civil Society (www.darkreading.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
43
8
Coinbase was primary target of recent GitHub Actions breaches (www.bleepingcomputer.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
44
19
Cloudflare now blocks all unencrypted traffic to its API endpoints (www.bleepingcomputer.com)
submitted 1 week ago by kid to c/cybersecurity
2 comments fedilink
45
19
Microsoft Trusted Signing service abused to code-sign malware (www.bleepingcomputer.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
46
6
Next.js and the corrupt middleware: the authorizing artifact (zhero-web-sec.github.io)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
47
2
Cybercriminals Exploit CheckPoint Driver Flaws in Malicious Campaign (www.infosecurity-magazine.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
48
15
Oracle Denies Breach Amid Hacker’s Claim of Access to 6 Million Records (hackread.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
49
5
Web Shell to Ransomware: New VMware Attack Vector Exposed by Sygnia (securityonline.info)
submitted 1 week ago by kid to c/cybersecurity
2 comments fedilink
50
3
RansomHub affiliate uses custom backdoor Betruger (securityaffairs.com)
submitted 1 week ago by kid to c/cybersecurity
0 comments fedilink
view more: ‹ prev next ›