Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

SDLC Security: It's Personal for JFrog

The SolarWinds hack, which has affected high-profile Fortune 500 companies and large U.S. federal government agencies, has put the spotlight on software development security — a critical issue for the DevOps community and for JFrog. At a fundamental level, if the code released via CI/CD pipelines is unsafe, all other DevOps benefits are for naught.

Share Datadog dashboards securely with anyone outside of your organization

Datadog dashboards provide a unified view of your application, infrastructure, and business data, giving stakeholders the context they need to make decisions. Sharing dashboards publicly is useful when you want to make them easily accessible to a large audience. But oftentimes, your dashboards include sensitive information, which is why you need finer-grained controls over the data you share—and who you share it with.

'Tis the season for session hijacking - Here's how to stop it

The air is getting colder, leaves are falling from the trees, and people everywhere are settling in for the holiday season. Which means one thing - increased cybersecurity vulnerability. With more aspects of the winter holidays relegated to online platforms this year, people everywhere are more susceptible to cyberattacks. Luckily, there are plenty of simple steps you can take to protect yourself from digital threats and online scams.

Sunburst - what you need to know in order to detect and respond, in simple terms

The cyber attack unfolding in the US may turn out to be the most serious nation-state espionage campaign in history The Bulletproof SOC is actively monitoring the situation regarding SolarWinds and the Sunburst attack as with all new attacks. We do this to ensure we have a clear understanding of the potential threat to our customers and to build better innovative detection mechanisms, maintaining a prime position to support our customers as a true extension to their team.

Trickbot Malware-as-a-service

First identified in late 2016, 'Trickbot' evolved from being a well-established banking trojan into a malware-as-a-service (MaaS) threat utilized by both cybercriminals and nation-state threat actors for predominantly financially motivated campaigns. Supporting modular components, Trickbot campaigns will differ based on the requirements of the MaaS 'customer' with many being used to steal personal and financial data as well as deploying ransomware threats, such as 'Conti' and 'Ryuk', to victims.

Vendor due diligence: Protect yourself from third-party breaches

The most dependable cybersecurity strategies involve assiduously monitoring for external attack vectors. But if this is the only dimension you are monitoring, your internal networks could be compromised while your back is turned. The threat of a cyberattack is not only on the external front, many data breaches occur through compromised vendors, even highly reputable ones. To prevent cyber criminals from accessing your sensitive data through breached vendors, read on.

Card-Not-Present Fraud: 4 Security Considerations for Point of Sale Businesses

As the retail world’s center of gravity shifts to the cloud, payment card fraud has followed suit. According to Verizon’s retail vulnerabilities study, attacks against e-commerce applications are by far the leading cause of retail data breaches. This trend mirrors similar outcomes in other industries, like food service. A complimentary Verizon study finds remote attacks against food service operators on the rise, as well.

Compliance Tools: Choosing the Right Solutions

Making sure your environment is compliant with regulatory requirements can be a challenge. No matter your company’s size or industry, ensuring you have the required security controls is never a set-it-and-forget-it process. With your IT environment, your user base and the threat landscape evolving all the time, you have to adjust constantly. Indeed, with so much to keep track of, even your best efforts at keeping your company compliant can fall short, unless you have help.

New Vulnerability Exposes Kubernetes to Man-in-the-Middle Attacks: How to Mitigate CVE-2020-8554

A few weeks ago a solution engineer discovered a critical flaw in Kubernetes architecture and design, and announced that a “security issue was discovered with Kubernetes affecting multi-tenant clusters. If a potential attacker can already create or edit services and pods, then they may be able to intercept traffic from other pods (or nodes) in the cluster.” If a hostile user can create a ClusterIP service and set the spec.externalIP field, they can intercept traffic to that IP.

Lessons to Learn from the Latest Business Email Compromise Scam and AZORult Stealer

Ever heard of AZORult? Sounds like some nerdy stuff. I am not gonna lie, it slightly is! It is a trojan that steals various data including login credentials, browser history, cookies, and more. The history of AZORult is well known by those in the cyber security industry. AZORult was initially discovered back in 2016. As the years passed, we saw some of its ongoing malicious attacks.