Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

#shorts

Teleport VNet automatically proxies connections from your computer to TCP apps available through Teleport. "Just turn it on!" In this video, I'll explain how Teleport VNet works, I'll give you some practical examples, and share what's coming soon.

Credit card skimmers can steal your card information without you even realizing it. Watch this short video to learn how to spot a credit card skimmer, what to do if you’ve been skimmed and how to protect yourself from fraud.

In this BDRCloud Demo, I'll show you how to configure a backup for Microsoft 365 User Mailbox and how to restore the data.

Learn the fundamentals of Disaster Recovery in this insightful webinar led by Jason Taylor, Senior Cybersecurity Program Analyst at Sedara. He covers what disaster recovery is, common causes of disasters, response and recovery workflows (BCP, IR, and DR), the seven key steps to building a DR plan, recovery playbooks, and how to create an effective DR project plan. A must-watch for IT and security teams preparing for the unexpected.

This week’s briefing covers: New MORE_EGGS campaign continues recruiting themes KTA032 (FIN6) has begun a new campaign using the MORE_EGGS JavaScript backdoor which continues its themes surrounding fake resumes leading to the malware deployment. The actor engaged with organization recruiters which led to emails containing a malicious domain (often containing the fake applicant’s first and last name). The domain contains several defense evasion techniques to avoid automated analysis tools from scanning.

CSRF is a web security vulnerability that tricks users into performing unwanted actions on a website where they are already authenticated like changing account settings or making a purchase without their knowledge. In this video, we explain how CSRF attacks work and how attackers exploit user trust to hijack authenticated sessions.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Most vulnerability tools flood teams with static scores and long lists but ExPRT.AI changes the game by predicting what adversaries are most likely to exploit. This demo drill down shows how ExPRT.AI dynamically scores risk across asset types, network exposures, and third-party findings. You’ll see how it re-prioritizes vulnerabilities based on real-world telemetry, attacker behavior, and environmental context including a Tenable example.