Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

alienvault

Is fighting cybercrime a losing battle for today's CISO?

Jan 12, 2022 By Theresa Lanowitz In AT&T Cybersecurity

At times, the quest to stay on top of web application security can seem futile. It seems as though the adversaries are always a step ahead, and all we can do is try our best to contain the breaches. In this blog, we’ll look at the root causes of concern for today's CISO and share some practical strategies to deter cybercriminals.

Read Post
cyberint

2022 Cybersecurity Predictions

Jan 12, 2022 By Yuval Shapira and Shmuel Gihon In Cyberint
Moving into 2022, looking back at the plentiful year of 2021, regarding security, we at the Cyberint Research Team will try and shed some light on the upcoming year: the key security risks and threats, and what we feel will change in the coming year. We will focus on the actions required to be as vigilant and protected as possible.
Read Post

What You Should Know About npm Packages 'colors' and 'faker'

Jan 12, 2022 By Snyk In Snyk
On January 8, 2022, the open source maintainer of the wildly popular npm package colors, published colors@1.4.1 and colors@1.4.44-liberty-2 in which they intentionally introduced an offending commit that adds an infinite loop to the source code. The infinite loop is triggered and executed immediately upon initialization of the package’s source code, and would result in a Denial of Service (DoS) to any Node.js server using it.
View Video
Snyk

New years resolution: Don't show my security tokens when hacking my demo application on stage

Jan 12, 2022 By Brian Vermeer In Snyk

Traditionally, we start the new year with resolutions. We want to do more good things, like working, other things we try to eliminate. Considering the latter, my 2022 resolution is to stop accidentally exposing confidential information while I hack my application during demos on stage or similar. Yes, this new years resolution sounds very specific, and it has an excellent security horror story behind it…

Read Post
sysdig

Malicious modifications to open source projects affecting thousands - Sysdig Secure

Jan 12, 2022 By Alberto Pellitteri In Sysdig

In the early days of 2022, two extremely popular JavaScript open source packages, colors.js, and faker.js, were modified to the point of being unusable. The reason for this event can be traced to various motivations, but what is worth mentioning is that several applications that employed those dependencies were involved. The two impacted packages can be used for different purposes in JavaScript applications. colors.js enables color and style customization in the node.js console.

Read Post
SecurityScorecard

How to Improve Your Vendor Due Diligence Process (with Security Ratings)

Jan 12, 2022 By SecurityScorecard In SecurityScorecard

You can't do business without your vendors. They support critical elements of your organization, from cloud storage services to payment processing to physical items like office supplies or physical components. Your vendors make your organization run more efficiently – but sometimes at a risk to your financial, reputational and operational resiliency.

Read Post

Search History

Jan 12, 2022 By Egnyte In Egnyte
Easily access your search history to quickly find the Egnyte content you’ve looked for previously. Whether your past search took place on the Web UI, desktop, or mobile, Egnyte remembers past queries and search filters. You’ll be able to quickly review old searches, adjust any previously added filters, and track down the content you need. Locate your files and folders effortlessly using Egnyte’s search history!
View Video

Endpoint Enigma | Is 2022 the Beginning of the End of On-Prem Security?

Jan 12, 2022 By Lookout In Lookout
Nearly two years after we were forced to experiment with remote work, 2022 will be an inflection point for both threats and cybersecurity solutions. Tune into our annual predictions episode to hear what Lookout CTO of SASE Products Sundaram Lakshmanan thinks will happen next year. We'll be discussing everything from software supply chains to threat hunting and data protection.
View Video

Endpoint Enigma | Let's Get Real About Zero Trust: How To Assess Your Security Posture

Jan 12, 2022 By Lookout In Lookout
While most of us understand Zero Trust conceptually, the path to Zero Trust is a complex and constantly evolving journey. In this episode, host Hank Schless is joined by Andy Olpin, Solutions Engineer at Lookout to scale back all the marketing noise surrounding the term and discuss how organizations can pragmatically get started with Zero Trust.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.