As this year comes to a close, it is a good time to take a look at the trends of open source license usage in 2020 and compare them to previous years. Our research team has collected information from the WhiteSource database, which includes more than 4 million open source packages and 130 million open source files covering over 200 programming languages, to learn which were the most popular open source licenses in 2020.

Apple loves bragging about how secure their devices are. Not without reason: there are lots of security features you probably use daily, including code autofill, password reuse auditing, Safari built-in privacy, and many more. Same for developers. For example, Apple doesn't release their source code to app developers for security reasons. And the owners of iOS devices can't modify the code on their phones themselves.

Imagine you are a Java programmer and that you just decided you want to use Snyk Open Source scanning to help you find security problems in your third party libraries. Good call! However, after connecting your repository to the Snyk Open Source scanner, you find out that you have ten or maybe even 50 vulnerabilities in the packages you depend on. The major question is: where do I start?

A recent privilege escalation heap overflow vulnerability (CVSS 7.8), CVE-2021-3156, has been found in sudo. sudo is a powerful utility built in almost all Unix-like based OSes. This includes Linux distributions, like Ubuntu 20 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2). This popular tool allows users to run commands with other user privileges.

Even before the pandemic, many companies were undergoing significant transformation as they transitioned to cloud or hybrid architectures and grappled with problems caused by tool sprawl due to the quick adoption of many disparate tools. For some, COVID-19 and the rush to remote work fueled and exacerbated these challenges.

What’s happened? Law enforcement agencies across the globe say that they have dealt a blow against Emotet, described by Interpol as “the world’s most dangerous malware”, by taking control of its infrastructure. Police have dubbed their action against Emotet “Operation LadyBird.”

In 2017, The Economist announced that the world’s most valuable resource is no longer oil – it’s data. Since the phrase “big data” was coined in the 1990s, data has become increasingly important to virtually every aspect of running a business – not to mention how we conduct our daily lives. It’s no surprise that some of the most valuable companies are also those that capture the most user data. Take Facebook, for instance.

GDPR best practices often focus on how to process and manage personal data, but companies should also consider application security to ensure compliance. The standard cliché used to be that you are what you eat. Which remains true, of course. But it’s also incomplete—so last century. Today, you are what you do online, which is almost everything.

On January 26th, 2021, Qualys reported that many versions of SUDO (1.8.2 to 1.8.31p2 and 1.9.0 to 1.9.5p1) are vulnerable (CVE-2021-3156) to a buffer overflow attack dubbed Baron Samedit that can result in privilege escalations. Qualys was able to use this vulnerability to gain root on at least Ubuntu 20.04 (Sudo 1.8.31), Debian 10 (Sudo 1.8.27), and Fedora 33 (Sudo 1.9.2), some of the most modern and widely used Linux operating systems.

AT&T Alien Labs™ has identified a new tool from the TeamTNT adversary group, which has been previously observed targeting exposed Docker infrastructure for cryptocurrency mining purposes and credential theft. The group is using a new detection evasion tool, copied from open source repositories. The purpose of this blog is to share new technical intelligence and provide detection and analysis options for defenders.