This is the fifth video in a series describing how WhiteSource can integrate with Artifactory to detect open source artifacts and their known vulnerabilities and licensing risks. This video will focus on how to Mend can detect and block malicious packages such as ua-parser-js.

As a new Snyk customer, do you want to get started with Snyk while following best practices? Or are you interested in learning about: Account set up strategies SSO and user provisioning Notification and automation settings and more...

Learning about phone scams allows you to be better prepared any time a scammer calls. Learn signs of a scam call and how to respond in our video!

Learn how to export your data from your LastPass account and import it into your 1Password account.

For web applications with a login, it is kind of obvious that you cannot achieve a high coverage without logging in. Any experienced tester would be able to recognize this immediately. And even for blackbox scans, most developers would use a login to improve their code coverage.

Detecting a crypto (bitcoin, monero, etc.) miner malware is essential to prevent a cryptojacking attack. Learn how to detect and prevent these mining attacks! Cryptojacking is a cybercrime in which another party’s computing resources are hijacked to mine cryptocurrency.#CryptoJacking, which is also referred to as malicious cryptomining, lets hackers mine crypto currency (like bitcoin, monero, ethereum, etc.) without paying for electricity, hardware and other mining resources.

Unknown threat actors observed hiding malware execution behind a legitimate Windows support binary. S3 buckets now encrypted by default. Powerful Android malware targeting banking applications. End of life for WIndows Server 2008.

In this episode of AppSec Decoded—the first of two conversations on the “Software Vulnerability Snapshot” report— we discuss the research and purpose behind the report.

See how CrowdStrike Managed Detection and Response (MDR) achieved the highest detection coverage (99%) in the 2022 MITRE Engenuity ATT&CK Evaluations for Security Service Providers, accurately and conclusively reporting 75 of the 76 adversary actions and identifying the threat actor in minutes.

The term of the day is DDoS-for-hire, a service that allows anyone to purchase and carry out a distributed denial of service (DDoS) attack. This type of service is modeled after the Software as a service (SaaS) business model and is often profitable because it allows the operator of an Internet of Things (IoT) botnet to conduct a cost-effective attack.