Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As cybercrime rises, businesses need to erect defenses against attacks in all their operations. Supply chains are particularly vulnerable, with cyberattacks against them increasing 42% in Q1 2021, affecting 7 million people’s data. Supply chains make ideal targets for cybercriminals since they hold sensitive data, often have large attack surfaces and are mostly unprotected. As such, they should be a focus for businesses’ cybersecurity efforts.

The recently released JFrog Xray versions 3.31 & 3.32 have brought to the table a raft of new capabilities designed to improve and streamline your workflows, productivity and user experience.

The Colonial Pipeline ransomware attack is potentially one of the worst cyberattacks to have happened this decade. A hacker group known as DarkSide stole nearly 100GB of data from the Colonial Pipeline servers before locking them down and demanding a ransom. Colonial Pipeline, with the assistance of FBI, paid around 5 million dollars to recover its systems. And it didn’t stop there.

It’s becoming more popular in 2021 to have a smart home with connected devices capable of communicating with each other. It’s expected that smart home spending will reach more than $141 billion by 2023, and the number of smart homes will surpass 300 million by 2023. Some connected home trends are dominating the headlines in 2021, including more tech for the fitness-conscious, multifamily smart homes, and a higher level of security and privacy in connected homes.

Someone in your organization gets an email with an attached document. The sender seems legitimate, but when they click on the link, it’s not what it claims to be. Soon your organization’s data is encrypted and you receive a message: pay a ransom to the attackers if you want the decryption key. You’ve just been the victim of a ransomware attack. Ransomware has become a major attack vector in 2021.

As we’ve all learned, often the hard way, amazing tech has introduced not-so-amazing risks: viruses, hacks, and leaks, to name a few. A data breach or cyber attack can happen at any moment, to individuals or businesses of any size – and attackers do not discriminate.

Snyk Code is the static application security testing (SAST) solution from Snyk, and it introduces some revolutionary technologies into the SAST space. It is based on the research and technologies developed by a spin-off from the ETH (Zurich/Switzerland), DeepCode which joined Snyk at the end of 2020.

Over the last 18 months, cloud application use has skyrocketed, with the average organisation with 500-2,000 employees now using 805 different cloud applications. This is a staggering level of new risk for CISOs to get their heads around. At the same time that cloud use has grown, so too have the efforts of malicious actors to target cloud applications which are all too often poorly secured and present a constant opportunity of unsecured data to compromise.

When we think about cyberattacks and malicious hackers, we often think in terms of our own personal lives and our own organizations. In my experience in cybersecurity, I often hear people say “Why would hackers target me?

Web browsers and email clients are used to interact with external and internal assets. Both applications can be used as a point of entry within an organization. Users of these applications can be manipulated using social engineering attacks. A successful social engineering attack needs to convince users to interact with malicious content. A successful attack could give an attacker an entry point within an organization.