Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Join WatchGuard CSO Corey Nachreiner and Director of Security Operations Marc Laliberte as they discuss key findings from the WatchGuard Threat Lab’s Q1 2025 Internet Security Report. They’ll cover the latest malware and network attack trends targeting small and mid-sized enterprises and defensive tips you can take back to your organization to stay ahead of modern threat actor tactics.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

#shorts

Teleport VNet automatically proxies connections from your computer to TCP apps available through Teleport. "Just turn it on!" In this video, I'll explain how Teleport VNet works, I'll give you some practical examples, and share what's coming soon.

Credit card skimmers can steal your card information without you even realizing it. Watch this short video to learn how to spot a credit card skimmer, what to do if you’ve been skimmed and how to protect yourself from fraud.

In this BDRCloud Demo, I'll show you how to configure a backup for Microsoft 365 User Mailbox and how to restore the data.

Learn the fundamentals of Disaster Recovery in this insightful webinar led by Jason Taylor, Senior Cybersecurity Program Analyst at Sedara. He covers what disaster recovery is, common causes of disasters, response and recovery workflows (BCP, IR, and DR), the seven key steps to building a DR plan, recovery playbooks, and how to create an effective DR project plan. A must-watch for IT and security teams preparing for the unexpected.

This week’s briefing covers: New MORE_EGGS campaign continues recruiting themes KTA032 (FIN6) has begun a new campaign using the MORE_EGGS JavaScript backdoor which continues its themes surrounding fake resumes leading to the malware deployment. The actor engaged with organization recruiters which led to emails containing a malicious domain (often containing the fake applicant’s first and last name). The domain contains several defense evasion techniques to avoid automated analysis tools from scanning.

CSRF is a web security vulnerability that tricks users into performing unwanted actions on a website where they are already authenticated like changing account settings or making a purchase without their knowledge. In this video, we explain how CSRF attacks work and how attackers exploit user trust to hijack authenticated sessions.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.