Free and open source software (FOSS) components have become the basic building blocks of our software products, helping today’s developers build and ship innovative products faster than ever before. Many developers tend to forget that while open source licenses are free, they still come with a set of terms and conditions that users must abide by.

You work hard to produce quality applications on tight deadlines, and like every other development team out there, that often means relying on open source code to keep projects on track. Having access to plug-and-go code is invaluable when you’re racing the clock, but the accessibility of open source libraries comes with a caveat: increased risk.

Threat actors are leveraging top tier cloud apps to host phishing baits. Netskope Threat Labs has identified an ongoing O365 phishing campaign hosted in Google App Engine with the credential harvester mostly hosted in Azure App Service. This phishing campaign typically targets O365 users via phishing emails with a direct link or attachment.

Cloud misconfigurations are no laughing matter. In its “2020 Cloud Misconfigurations Report,” DivvyCloud revealed that 196 separate data breaches involving cloud misconfigurations had cost companies a combined total of approximately $5 trillion between January 1, 2018 and December 31, 2019. The problem is that those costs could be even higher; as reported by ZDNet, 99% of IaaS issues go unreported.

A phishing campaign abused both the Google App Engine and the Azure App Service to steal victims’ Microsoft Outlook credentials. Netskope observed that the attack campaign started with a shortened link distributed by a phishing email. This link redirected a recipient of the email to a Google App Engine domain.

Amazon Web Services provides its users with the ability to create temporary credentials via the use of AWS Security Token Service (AWS STS). These temporary credentials work pretty much in the same manner like permanent credentials created from AWS IAM Service. There are however two differences.

One of Bearer's super powers is anomaly detection. Anomalies are unexpected issues that happen when making an API call. These could be high error rates, unexpected response codes, latency spikes, and more. By monitoring APIs with anomaly detection, we can identify problems with an API or within your application. Anomaly detection makes debugging easier and can help you identify API performance issues that affect your end users.

Netskope, CrowdStrike, Okta, and Proofpoint are joining together to help better safeguard organizations by delivering an integrated, Zero Trust security strategy that is designed to protect today’s dynamic and remote working environments at scale.