A selection of this week’s more interesting vulnerability disclosures and cyber security news. Over the last few weeks there has been a number of notable code repository poisonings which quite rightly caused alarm at the possible downstream risk. This week though, a mother lode has been struck; Docker Hub. Being home to images for many core systems, and also providing keys to critical parts of the build system, this is highly shocking. Luckily it seems only a small (but still large proportion) of users are affected, and the response to deal with it was rapid, it still gives an uneasy feeling to what could happen if someone struck an even greater prize:
What did you do for World Password Day?
The more successful fraudsters and scammers play on authority in some way. If someone with a high viz jacket knocks on the door, or an apparent police officer asks you to do something, most would comply without question; and if a famous person makes contact, well, you’d be thrilled right?
Other news…