%term

Taking the Pain Out of Vendor Risk Assessments

Jul 15, 2021 By Robert DeStefano In SecurityScorecard

Supply chains are an essential part of today’s on-demand economy. However, they also expand your ecosystem, increasing the threat surface that you need to secure. While compliance assessments document vendor controls and enable you to manage third-party risk, responding to and completing them takes time. These delays can make your procurement team feel like you’re trying to disqualify their vendor.

Read Post

SecurityScorecard

Read more about Taking the Pain Out of Vendor Risk Assessments

Appknox Webinar: Secure Coding Practices to Prevent Vulnerabilities in SDLC

Jul 15, 2021 By Harshit Agarwal In Appknox

Continuing on the successful webinar journey, last week Appknox hosted a webinar on "Secure Coding Practices to Prevent Vulnerabilities in SDLC." Focusing on secure coding best practices, our experts busted several myths and misconceptions regarding mobile app security in the webinar and highlighted several client-side misconfigurations which generally go unnoticed by the app developers.

Read Post

Appknox

Read more about Appknox Webinar: Secure Coding Practices to Prevent Vulnerabilities in SDLC

How Packages' External Resources Threaten Your Supply Chain

Jul 15, 2021 By Maciej Mensfeld In Mend

Many developers already know that in some ecosystems, open source dependencies might run their custom code from packages when they are being installed. While this capability can be used for both good and evil, today we’ll focus on a legit use case that, when misused, can escalate and be used to compromise your organization’s supply chain. If you haven’t guessed yet, I’m talking about downloading and linking external dependencies during the install process.

Read Post

Mend

Read more about How Packages' External Resources Threaten Your Supply Chain

SonicWall SMA/SRA Ransomware Infection Vector

Jul 15, 2021 By Cyberint Research In Cyberint

Seemingly favored by many big game hunter ransomware threat groups, VPN and network infrastructure devices are regularly used as the initial attack vector, especially given that some organizations neglect to include 'hardware' appliances within their patch and update regimes.

Read Post

Cyberint

Read more about SonicWall SMA/SRA Ransomware Infection Vector

Protect Your Retail Supply Chain Against Cyber Attacks

Jul 15, 2021 By SecurityScorecard In SecurityScorecard

The consumer goods and retail industry stores customer data in various digital platforms across multiple third-party vendors. This environment is perfect for cybercriminals to look for weak points to gain access to valuable customer data. Oftentimes, cybersecurity teams are focused too much on securing their own organization from the outside. As hacker techniques become more widespread and sophisticated, organizations must be able to see not only their own security posture but also their third parties’ from the viewpoint of the hackers’. What do hackers see and where are the weak points?

View Video

SecurityScorecard

Read more about Protect Your Retail Supply Chain Against Cyber Attacks

Stranger Danger Live Hack! Your Java Attack Surface Just Got Bigger

Jul 15, 2021 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about Stranger Danger Live Hack! Your Java Attack Surface Just Got Bigger

Devoxx4Kids: Empowering young Java developers and creating future industry stars

Jul 15, 2021 By Brian Vermeer In Snyk

Recently, we released the JVM Ecosystem Report 2021. This annual report is full of interesting facts about the current state of the Java ecosystem. If you haven’t seen it yet, you should give it a read. Don’t forget to download the full PDF for all the insightful information.

Read Post

Snyk

Read more about Devoxx4Kids: Empowering young Java developers and creating future industry stars

How to Monitor for Cryptomining in the Cloud

Jul 15, 2021 By CrowdStrike In CrowdStrike

This video will demonstrate how Falcon Horizon’s policy assessments can help organizations identify suspect behaviors indicative of cryptomining attacks in their public cloud deployments.

View Video

CrowdStrike

Read more about How to Monitor for Cryptomining in the Cloud

Accelerate Hybrid Threat Protection Using Sumo Logic Cloud SIEM powered by AWS

Jul 15, 2021 By Girish Bhat In Sumo Logic

It has been off to the races for the Sumo Logic and AWS teams since the general availability of the Sumo Logic Cloud SIEM powered by AWS solution on June 1, 2021. We are excited for the overwhelming response from customers from across all segments, industries and geographies.

Read Post

Sumo Logic

Read more about Accelerate Hybrid Threat Protection Using Sumo Logic Cloud SIEM powered by AWS

Cloud Threats Memo: Hancitor Continues Exploiting DocuSign and Google Docs Templates

Jul 15, 2021 By Paolo Passeri In Netskope

Hancitor continues to exploit fake DocuSign emails to lure new victims. Researchers from Cofense have discovered yet another campaign distributing it, and apparently, that’s not the only one.

Read Post

Netskope

Read more about Cloud Threats Memo: Hancitor Continues Exploiting DocuSign and Google Docs Templates

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Taking the Pain Out of Vendor Risk Assessments

Appknox Webinar: Secure Coding Practices to Prevent Vulnerabilities in SDLC

How Packages' External Resources Threaten Your Supply Chain

SonicWall SMA/SRA Ransomware Infection Vector

Protect Your Retail Supply Chain Against Cyber Attacks

Stranger Danger Live Hack! Your Java Attack Surface Just Got Bigger

Devoxx4Kids: Empowering young Java developers and creating future industry stars

How to Monitor for Cryptomining in the Cloud

Accelerate Hybrid Threat Protection Using Sumo Logic Cloud SIEM powered by AWS

Cloud Threats Memo: Hancitor Continues Exploiting DocuSign and Google Docs Templates

Monthly Archive

Follow Us