Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Vulnerability

I can use VS Code to hack into your development environment

Jun 8, 2021 By Snyk In Snyk
We have been witnessing an ever-growing amount of supply chain security incidents in the wild. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE. Recently, Snyk has discovered and disclosed vulnerabilities that pose a real and imminent threat to developers who use these extensions. The potential compromise is so significantly severe that a remote code execution on a developer’s machine is possible by simply tricking the developer to click a link.
View Video

Secure and manage open source risks in applications and containers with Black Duck SCA | Synopsys

Jun 4, 2021 By Synopsys In Synopsys

Learn more about Synopsys Software Integrity: https://www.synopsys.com/software-integrity.html
Subscribe: https://www.youtube.com/synopsys
Follow Synopsys on Twitter: https://twitter.com/sw_integrity

View Video
cyphere

The top 10 network security vulnerabilities for businesses in 2021

Jun 3, 2021 By Editor In Cyphere

As per UK DCMS’s data breaches survey, about 32% of businesses in the UK have faced a form of cybersecurity threat between 2018 and 2019. As a result of these network security vulnerabilities, these businesses incurred costs on lost data and many other damages that totalled £4,180.

Read Post
Snyk

Mitigating and remediating intent-based Android security vulnerabilities

Jun 2, 2021 By Kirill Efimov, Raul Onitza-Klugman In Snyk

In previous posts we explored the potential for intent-based Android security vulnerabilities and then used Snyk Code to find exploits in popular apps on the Google Play store. If you know Snyk, you also know there’s no way we can just point out vulnerabilities and not recommend fixes. Analyzing such an extensive dataset enabled us to review a lot of code.

Read Post

Outpost24 - Full stack vulnerability management and security assessment

Jun 1, 2021 By Outpost 24 In Outpost 24
We don’t think it’s fair that businesses are targets of cybercriminals. That's why we’ve created the most complete security assessment platform to help our customers tighten their 'full stack' security exposure before their business can be disrupted.
View Video
Snyk

Snyk uncovers supply chain security vulnerabilities in Visual Studio Code extensions

May 26, 2021 By Liran Tal In Snyk

We have been witnessing an ever growing amount of supply chain security incidents in the wild. Everything from open source package managers security flaws being exploited to continuous integration systems being compromised to software artifacts being backdoored. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE.

Read Post
Snyk

Deep dive into Visual Studio Code extension security vulnerabilities

May 26, 2021 By Raul Onitza-Klugman, Kirill Efimov In Snyk

To stay ahead of attackers, we constantly monitor various security threats. One of these threats — supply chain attacks — aims to compromise an organization through its software development process. Recently, a huge spike in supply chain attacks was observed — dependency confusion was discovered, the SolarWinds breach was reported and more malicious packages were flagged. This certainly drew our attention (as well as the rest of the world’s)!

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.