Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

alienvault

Lazarus campaign TTPs and evolution

Jul 6, 2021 By Fernando Martinez In AT&T Cybersecurity

AT&T Alien Labs™ has observed new activity that has been attributed to the Lazarus adversary group potentially targeting engineering job candidates and/or employees in classified engineering roles within the U.S. and Europe. This assessment is based on malicious documents believed to have been delivered by Lazarus during the last few months (spring 2021). However, historical analysis shows the lures used in this campaign to be in line with others used to target these groups.

Read Post
Snyk

Tips and best practices for building secure container images

Jul 6, 2021 By Matt Jarvis In Snyk

When you start scanning your container images, it can be disconcerting to discover that you have large numbers of vulnerabilities. Below is a scan I did last week on a vulnerable node image that I built. While a fairly extreme example, you can see that this image out of the box is showing as having over 800 vulnerabilities in it.

Read Post

Learning application security by finding and fixing insecure code in OWASP NodeGoat

Jul 6, 2021 By Snyk In Snyk
Wouldn't it be great if we, developers, learn about application security by training on purposely-built vulnerable applications rather than finding our mistakes in production? Yes, we think so too. In this session, we welcome Priscila Oliveira, Software Engineer at Sentry and core contributor of open source npm proxy project Verdaccio, to chat about her appsec experiences as developer, and learn together about secure coding practices, how to hack a live application, open source vulnerabilities and how to fix them.
View Video
sumologic

Sumo Logic Named a Visionary in the 2021 Gartner Magic Quadrant for SIEM for the First Time

Jul 6, 2021 By Girish Bhat In Sumo Logic
The Sumo Logic team is excited to announce that it has been named a Visionary in the Gartner 2021 Magic Quadrant for Security Information Event Management (SIEM). We believe our placement in the Visionary quadrant reflects the value and success our customers have realized by using our cloud-native security platform and the innovative ways in which it solves SIEM and modern security operations use cases.
Read Post
upguard

What is Ransomware as a Service (RaaS)? The dangerous threat to world security

Jul 6, 2021 By Edward Kost In UpGuard

Ransomware attacks are on a steep upward trend and the gradient isn't softening its progression. In Q3 2020, ransomware attacks have increased globally by 40% to 199.7 million cases. In the U.S. alone, attacks have increased by 139% year-over-year, totaling 145.2 million cases in Q3 2020. The impetus to the sudden recent spike in ransomware attacks, was the dramatic shift from a linear attack model, to an insidious multi-dimensional Ransomware as a Service model.

Read Post

Flexible Pricing to Address the Evolving MSP Business

Jul 6, 2021 By WatchGuard In WatchGuard
As MSPs prepare for the shift to hybrid work environments, it is more important than ever to have the pricing and packaging model you and your customers need. The more options you have, the more competitive you can be in the market. It's critical that service providers find vendors the flexibility you need to scale your business.
View Video

Use the Jenkins Credentials Binding Plugin to Protect Your Veracode Credentials

Jul 6, 2021 By Veracode In Veracode
In this video, you will learn how to: You can use the Jenkins Credentials Binding Plugin to hide your Veracode API credentials from the Jenkins interface and logs. You use the plugin to associate, or bind, your Veracode API credentials to environment variables and save them to the Jenkins credentials store. During a build, Jenkins uses the environment variables to secretly access your credentials. The Jenkins interface and logs only show the bound environment variables.
View Video

AppSec Decoded: The state of mobile application security during the pandemic | Synopsys

Jul 6, 2021 By Synopsys In Synopsys
In this episode of AppSec Decoded, we spoke with Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Center (CyRC), to learn about the state of mobile application security during the pandemic. The information is based on a new Synopsys report, "Peril in a Pandemic: The State of Mobile Application Security."
View Video

Protecting and Managing Microsoft 365 Data

Jul 6, 2021 By Rubrik In Rubrik
Microsoft 365 provides tools to assist with compliance, but they don’t provide native backup and recovery - they recommend customers backup their data with third-party applications. Rubrik’s SaaS-based approach to data protection for Microsoft 365 ensures critical data is secured, easily discoverable, and always accessible.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.