Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2024

jfrog

Everything you need to know about EvilProxy Attacks

Nov 26, 2024 By Orel Bitan In JFrog
An “Evil Proxy” is a malicious proxy server used by attackers to intercept and change the communication between a client and a legitimate server. It is also known as Phishing-as-a-Service (PhaaS), where the attackers attempt to deceive individuals into providing sensitive information such as usernames, passwords, and credit card numbers.
Read Post
jfrog

CVE-2024-10524 Wget Zero Day Vulnerability

Nov 18, 2024 By Goni Golan In JFrog
While researching CVE-2024-38428 in GNU’s Wget, our team found a new 0-day vulnerability. The vulnerability, later assigned CVE-2024-10524, may lead to various types of attacks – including phishing, SSRF, and MiTM. These attacks can have severe consequences such as resource restriction bypass and sensitive information exposure. Upon discovering this vulnerability, our team responsibly disclosed it to the Wget maintainers. A patch was released on November 11 and is included in Wget 1.25.0.
Read Post

Mastering Classified Systems Artifact Distribution to the Tactical Edge

Nov 7, 2024 By JFrog In JFrog
This JFrog webinar, hosted by our Public Sector partner Carahsoft, focused on automating the secure distribution of critical digital artifacts in air-gapped networks. For agencies, ensuring the integrity of these artifacts at the edge is paramount. Real-time access to mission-critical software for warfighters is essential, and timely software updates boost operational readiness and capabilities. Leveraging JFrog's latest tools, this approach significantly enhances operational capabilities for public sector agencies.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.