Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Fake VS Code Extension on npm Spreads Multi-Stage Malware

Our research team recently uncovered a fake VS Code extension, truffelvscode, typosquatting the popular Truffle for VS Code extension. This extension serves as a trojan horse for multi-stage malware. This blog takes a closer look at how the malicious extension operates, its obfuscation techniques, and IOCs related to this incident.

Experience Frictionless Access Without Sacrificing Security

Are you tired of hitting roadblocks just when you need to make critical updates? You’re rushing to resolve an issue, only to realize you’ve lost access to the Kubernetes cluster or database you need. You file a ticket, wait for IT approval, and hope it doesn’t take days—while your deadline looms. Sound familiar?

Shared Responsibility Model in Azure DevOps

More and more organizations opt for Azure DevOps to store their source code and project data. Azure DevOps has many benefits, from rapid application deployment and problem-solving capabilities to improved collaboration and communication in the workplace. Yet these organizations sometimes overlook one important issue: the Shared Responsibility Model, a framework that outlines the responsibilities of the user and the provider with regard to security.

The Truth Behind Successful Security Operations Centers (SOC) | Secrets of AppSec Champions

In this eye-opening episode, Reanna Schultz, an experienced Security Operations Center (SOC) team leader, pulls back the curtain on what makes a modern SOC truly effective. Drawing from her six-year journey through various cybersecurity roles, she reveals how SOCs serve as an organization's first line of defense against cyber threats.

Advanced container registry scanning is now available in ARMO!

Exciting news for ARMO Platform users! We’re thrilled to announce the addition of the new version of container registry scanning to our suite of security features. This powerful enhanced capability improves your container security posture by allowing you to detect vulnerabilities earlier in the development process.

Why securing cloud-native applications goes beyond AppSec?

In today’s landscape of microservices, Kubernetes, and cloud environments, attacks can come from multiple vectors, with varying degrees of complexity. Understanding these vectors and how to detect them is crucial for securing your infrastructure and applications. This post will explore various attack scenarios including SQL Injection and Cluster Takeover, structured around the 4 Cs of cloud security: Cloud, Cluster (Kubernetes), Container (workload), and Code (application).