Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques

Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers. Cyber espionage groups and financial threat actors continue to adopt the latest cutting-edge application whitelisting bypass techniques and introduce innovative obfuscation into their phishing lures. Read full news article on FireEye Blog … Read more

Sonatype Acquires Vor Security to Expand Nexus Open-Source Component Support

Sonatype announced the acquisition of Vor Security to extend their open-source component intelligence solutions’ coverage to include Ruby, PHP, CocoaPods, Swift, Golang, C, and C++. Sonatype, well known as the creators of artifact repositories Apache Maven and Nexus, have extended their previously Java, JavaScript, .Net and Python centric component intelligence capabilities to include the new … Read more

Food Supplier Passes Squid Off as Octopus

Food Supplier Passes Squid Off as Octopus According to a lawsuit (main article behind paywall), “a Miami-based food vendor and its supplier have been misrepresenting their squid as octopus in an effort to boost profits.” Tags: Read full news article on Schneier on Security  

So You Think You Can Spot a Skimmer?

This week marks the 50th anniversary of the automated teller machine — better known to most people as the ATM or cash machine. Thanks to the myriad methods thieves have devised to fleece unsuspecting cash machine users over the years, there are now more ways than ever to get ripped off at the ATM. Read … Read more

The ‘slow-burn’ cost of a cyber attack

Businesses have been warned that they may be hit for damages in multiple ways after being affected by a cyber-attack. A new report by Lloyd’s of London says there are two different costs linked to a cyber-attack: Read full news article on BetaNews  

How to Achieve Continuous Container Security for Your CI/CD Pipeline

Integrate and Automate Security in Your Build, Ship, & Run Processes As enterprises move quickly to deploy containers and microservices with a continuous integration and delivery (CI/CD) pipeline, security often becomes an afterthought. DevOps and security teams should also strive to achieve continuous container security in the pipeline. Read full news article on DABCC