Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

IT industry update

published on 2022-08-17 07:17:46 UTC by Paul Lopez
Content:

This month we are looking at what interesting insights we have been able to find about cyber security within the IT sector.

  1. Researchers have found hardcoded API keys within mobile applications - Researchers Discover Nearly 3,200 Mobile Apps Leaking Twitter API Keys (thehackernews.com). If you are involved in developing applications either for mobiles or for websites are you hard coding keys? Researchers have found hardcode keys in mobile applications which allow unauthorised access to Twitter accounts, and a recent new build website had developer keys still in place when the site was live. Are you checking your code doesn’t have hardcoded keys?
  2. Malicious IIS extensions quietly open persistent backdoors into servers - Microsoft Security Blog. If you have Microsoft exchange servers then you need to read this article and think about whether you can put in place the suggested mitigation.
  3. GitHub blighted by “researcher” who created thousands of malicious projects – Naked Security (sophos.com). If you use GitHub be aware of “researchers” uploading malicious repositories.

Further guidance & support

The Eastern Cyber Resilience Centre is a not-for-profit organisation, run by policing, with the intention of increasing cyber resilience of SMEs and third sector organisations within the East of England.

Our members can benefit from a range of services, from helping you improve your cyber resilience through our “little steps” programme to being notified about the threats relevant to you.

Why not join our community today?

It’s completely free, with no strings or sales pitches attached.

Policing led – business focused.

Article: IT industry update - published over 2 years ago.

https://www.ecrcentre.co.uk/post/it-industry-update   
Published: 2022 08 17 07:17:46
Received: 2022 08 17 07:32:33
Feed: The Eastern Cyber Resilience Centre
Source: National Cyber Resilience Centre Group
Category: News
Topic: Cyber Security
Views: 1

Custom HTML Block

Click to Open Code Editor