Analyzing the Hidden Danger of Environment Variables for Keeping Secrets

Credit to Author: David Fiser| Date: Wed, 17 Aug 2022 00:00:00 +0000

While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows.

Read more

What Exposed OPA Servers Can Tell You About Your Applications

Credit to Author: Magno Logan| Date: Tue, 16 Aug 2022 00:00:00 +0000

This blog entry discusses what an OPA is and what it’s for, what we’ve discovered after identifying 389 exposed OPA servers via Shodan, and how exposed OPAs can negatively impact your applications’ overall security.

Read more

Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users

Credit to Author: Daniel Lunghi| Date: Fri, 12 Aug 2022 00:00:00 +0000

We found APT group Iron Tiger’s malware compromising chat application Mimi’s servers in a supply chain attack.

Read more

Event-Driven Architectures & the Security Implications

Credit to Author: Sterling Davis| Date: Fri, 12 Aug 2022 00:00:00 +0000

This article explores event-driven architecture (EDA) with a detailed definition and explains how EDA offers many essential benefits to developers. It concludes with an outline of some best practices for mitigating security concerns.

Read more

Cyber Insurance Coverage Checklist: 5 Security Items

Credit to Author: Vince Kearns| Date: Thu, 11 Aug 2022 00:00:00 +0000

Explore 5 security considerations in-line with cyber insurance requirements to renew or obtain a policy while reducing your cyber risk.

Read more

CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies

Credit to Author: Jaromir Horejsi| Date: Thu, 11 Aug 2022 00:00:00 +0000

We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension.

Read more