On March 15, 2022, users of the popular Vue.js frontend JavaScript framework started experiencing what can only be described as a supply chain attack impacting the npm ecosystem. This was the result of the nested dependencies node-ipc and peacenotwar being sabotaged as an act of protest by the maintainer of the node-ipc package.
How often have you heard someone say “Cybersecurity is complicated!”? If you’re a practitioner in the cybersecurity industry you’ll have heard these words often, probably along with “…and it’s really boring too!”
Modern web frameworks can simplify the web application development process dramatically, facilitating innovation and saving time. However, their use can come at a steep price if the framework contains vulnerable or malicious third-party code. JavaScript security can help protect against the dangers of third-party code making it key for use in web frameworks.
Microsoft 365 provides a powerful document management and collaboration platform. However, with so many applications available in the platform to store and share information internally and with external parties, such as partners, contractors and vendors, ensuring proper access and data security can be a challenge. In this blog we examine how to ensure secure file sharing in Microsoft 365 and Teams.
The US Office of Management and Budget (OMB) has released a strategy to help the federal government embrace a zero-trust approach to cybersecurity.
We are living in the height of technology with no sign of stopping any time soon. Technology has access to so much of our personal information, habits, and decisions. However, we are also living in a time of accountability and compliance, in response to so much power being acquired by Big Tech. But compliance doesn’t just affect tech giants. Now there are global policies that apply to everyone from local small businesses to multi-million dollar firms.
1Password now includes full support for SSH keys, providing the easiest and most secure way for developers to manage SSH keys and use Git in their daily workflow.
The JFrog Security research team constantly monitors open-source projects to find new vulnerabilities or malicious packages and share them with the wider community to help improve their overall security posture. As part of this effort, the team recently discovered seven new security vulnerabilities in ClickHouse, a widely used open-source Database Management System (DBMS) dedicated to online analytical processing (OLAP).
By now, you’ve probably read loads of articles that discuss the COVID-19 pandemic’s impact on business, politics, the economy and much more.But what about SecOps? What permanent effects has COVID wrought on the way businesses secure IT assets? Let’s explore those questions by examining three key security trends that promise to endure long after the pandemic has finally receded.
