Infosec News – March 21

An article about package manager typo-squatting that I had not known about. An attacker names their malicious package very similar to something that already exists and uploads it to a package manager, hoping that a developer will download and use it instead of the real thing.—threats/beware-the-package-typosquatting-supply-chain-attack/a/d-id/1340383

Covid-19 testing service exposed Amazon S3 buckets that contained PII, including passport scans:
We briefly mentioned exposed Amazon S3 buckets in the last news brief.

Mark Kerzner
Written by:

Mark Kerzner

Mark Kerzner is the co-founder of Elephantscale. He is a Trainer, Author(AI, Machine Learning, Spark, Hadoop, NoSQL, Blockchain)

Leave a Reply

Your email address will not be published. Required fields are marked *