Technology

Popular JavaScript Library ua-parser-js Compromised via Account Takeover

Oct 22, 2021 By Maciej Mensfeld In Mend

A few hours ago, an npm package with more than 7 million weekly downloads was compromised. It appears an ATO (account takeover) occurred in which the author’s account was hijacked either due to a password leakage or a brute force attempt (GitHub discussion).

Read Post

Mend

Read more about Popular JavaScript Library ua-parser-js Compromised via Account Takeover

Securing Google Cloud Platform with Sysdig

Oct 22, 2021 By Sysdig In Sysdig

Together with Google Cloud, Sysdig reduces your cloud security risk. So you can confidently run your workloads on Google Cloud. Get started in minutes with Sysdig SaaS, and simplify security, compliance, and monitoring. Accelerate your growth with NO backend data management. # CSPM Sysdig is your centralized safe place to enhance cloud security posture. # Threat detection Plug in Google Cloud Audit logs And get started quickly with our out-of-the-box Falco rules.

View Video

Sysdig

Read more about Securing Google Cloud Platform with Sysdig

How can I secure my Android app's code?

Oct 22, 2021 By Tom Colvin In Conseal Security

Android is the world’s most widely used operating system. And we’re huge fans of it here at Conseal. But building Android apps can present some unique security challenges to developers. These may be for example as a result of the way that Android operates, the hardware that runs it, or its Linux heritage. This blog post outlines some of the things that our code auditors and penetration testers look for when reviewing Android apps for security vulnerabilities.

Read Post

Conseal Security

Read more about How can I secure my Android app's code?

Could your kids spot this mobile phish?

Oct 22, 2021 By Tracy Hillstrom In WatchGuard

I realized early on that if I didn’t teach my kids how to identify and avoid likely attacks on their laptops and phones, that no one would. Nevertheless, when I see an opportunity for a “teachable security moment” I grab it, and last week this mobile phishes appeared on my phone. I captured a screen shot to share with my children and we played a little “spot the phish” game, where they would point out all the things that made this text suspicious.

Read Post

WatchGuard

Read more about Could your kids spot this mobile phish?

Forward Networks Wins "Enterprise Cloud Computing Software of the Year" Award in 2021 Mobile Breakthrough Awards Program

Oct 21, 2021 By Forward Networks In Forward Networks

Annual Awards Recognizes Top Mobile and Wireless Companies and Solutions Around the Globe.

Read Post

Forward Networks

Read more about Forward Networks Wins "Enterprise Cloud Computing Software of the Year" Award in 2021 Mobile Breakthrough Awards Program

Getting started with Teleport DigitalOcean 1-Click Droplet

Oct 21, 2021 By Teleport In Teleport

Marketplace Link: https://marketplace.digitalocean.com/apps/teleport

View Video

Teleport

Read more about Getting started with Teleport DigitalOcean 1-Click Droplet

DBatLoader: Abusing Discord to Deliver Warzone RAT

Oct 21, 2021 By Gustavo Palazolo In Netskope

67% of the malware downloads Netskope blocks come from popular cloud applications being abused by attackers. One of the services commonly abused by threat actors is Discord, which is abused to host malware such as TroubleGrabber using public attachment URLs. In this blog post, we will analyze a recent DBatLoader (a.k.a. ModiLoader) sample that uses this technique on Discord to deliver a malware known as Warzone (a.k.a. Ave Maria), a Remote Access Trojan created in 2018.

Read Post

Netskope

Read more about DBatLoader: Abusing Discord to Deliver Warzone RAT

5 Tips for the CISO Looking to Get a Handle on Cloud Security

Oct 20, 2021 By Neil Thacker In Netskope

Over the last 18 months, cloud application use has skyrocketed, with the average organisation with 500-2,000 employees now using 805 different cloud applications. This is a staggering level of new risk for CISOs to get their heads around. At the same time that cloud use has grown, so too have the efforts of malicious actors to target cloud applications which are all too often poorly secured and present a constant opportunity of unsecured data to compromise.

Read Post

Netskope

Read more about 5 Tips for the CISO Looking to Get a Handle on Cloud Security

Internxt

Oct 20, 2021 By Internxt In Internxt

Here at Internxt, we believe that what humanity can achieve is extraordinary. We want to become a force of positive change that pushes society towards a better, brighter future. To do so, we are completely reengineering the status quo of a variety of industries, through the application of innovation in a way that’s coherent.

View Video

Internxt

Read more about Internxt

Credenxia leaps into the future with Dock's API

Oct 19, 2021 By Dock

Preparing to move towards a decentralized solution for creating and managing employee credentials, Credenxia is working with Dock to build a Proof of Concept (PoC) application to create, issue, manage, and verify credentials instantly. This PoC is now complete!

Read Post