MUT-1244 targeting security researchers, red teamers, and threat actors https://www.helpnetsecurity.com/2024/12/16/mut-1244-targeting-security-researchers-threat-aws-wordpress-data-theft/ #cryptojacking #Don'tmiss #Checkmarx #datatheft #WordPress #Hotstuff #phishing #Datadog #GitHub #News

ZAP has joined forces with Checkmarx

This is a huge investment (and vote of confidence) in ZAP and will secure the project’s future success!

https://www.zaproxy.org/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/

Внедряем DevSecOps в процесс разработки. Часть 5. Этап Deploy-time Checks, обзор инструментов

Привет! На связи Олег Казаков из Spectr . В предыдущей части я рассказал о тестировании функционала на уязвимость до его попадания на продакшн. По итогам предыдущих статей мы можем проверить код на безопасность, собрать безопасные билды, проверить функционал на наличие уязвимостей. Теперь нам ничего не мешает развернуть данное приложение на продакшне. Сегодня я расскажу о заключительном этапе DevSecOps — Deploy-time Checks. Узнать больше о DevSecOps

https://habr.com/ru/companies/spectr/articles/837018/

Checkmarx Announces Partnership With Wiz – Source: www.darkreading.com https://ciso2ciso.com/checkmarx-announces-partnership-with-wiz-source-www-darkreading-com-2/ #rssfeedpostgeneratorecho #DarkReadingSecurity #CyberSecurityNews #DARKReading #announces #Checkmarx

Malware Upload Attack Hits PyPI Repository https://www.securityweek.com/malware-upload-attack-hits-pypi-repository/ #SupplyChainSecurity #Malware&Threats #Checkmarx #PyPI

Malware Upload Attack Hits PyPI Repository https://www.securityweek.com/malware-upload-attack-hits-pypi-repository/ #SupplyChainSecurity #Malware&Threats #Checkmarx #PyPI

Checkmarx uncovers persistent Python package threat https://www.developer-tech.com/news/2023/nov/16/checkmarx-uncovers-persistent-python-package-threat/ #checkmarx #python #security #cybersecurity #infosec #hacking #developers #coding #programming #news #tech #technology

August 2023 Supply Chain Monthly Report https://ciso2ciso.com/august-2023-supply-chain-monthly-report/ #0CTSOCCSIRTOperationsVulnerabilities #CISO2CISONotepadSeries #checkmarx

Interesting attack vector: taking over the namespace for abandoned #S3 buckets for older versions of #FOSS artifacts.

However, a huge kudos goes out to the #Checkmarx team for going above and beyond!

"To prevent this attack from occurring elsewhere, we took over all the deserted buckets inside open-source packages we found in our search. Now when someone tries to reach the files hosted in these buckets, they will receive a disclaimer file we planted inside those buckets."

https://checkmarx.com/blog/hijacking-s3-buckets-new-attack-technique-exploited-in-the-wild-by-supply-chain-attackers

GitHub: Umbenannte Konten gefährden Tausende von Projekten
#Hacking #Checkmarx #github #Quellcodeverwaltung #RepoJacking #Repository #Softwareprojekte #SupplyChainAngriffe https://tarnkappe.info/artikel/hacking/github-umbenannte-konten-gefaehrden-tausende-von-projekten-258590.html

Checkmarx acquires open source supply chain security startup Dustico - Checkmarx, an Israeli provider of static application security testing (AST), has a... - http://feedproxy.google.com/~r/Techcrunch/~3/6d9Y6Gs4rfc/ #supplychainmanagement #supplychainattack #computersecurity #hellman&friedman #insightpartners #machinelearning #cryptography #cyberwarfare #unitedstates #supplychain #cybercrime #solarwinds #developer #checkmarx #computing #security #backdoor #software #m&a #ceo

Cycode raises $20M to secure DevOps pipelines - Israeli security startup Cycode, which specializes in helping enterprises secure t... - http://feedproxy.google.com/~r/Techcrunch/~3/VBoJSFpPtjo/ #agilesoftwaredevelopment #continuousintegration #softwaredevelopment #softwareengineering #accessmanagement #insightpartners #fundings&exits #versioncontrol #recentfunding #securitytools #unitedstates #enterprise #ylventures #bitbucket #checkmarx #security #startups #funding #jenkins #cycode #aws

Cloud is King: 9 Software Security Trends to Watch in 2021 - Researchers predict software security will continue to struggle to keep up with cloud and IoT in t... https://threatpost.com/cloud-king-software-security-trends-2021/162442/ #2021securitypredictions #cloud-nativesecurity #codeasinfrastructure #applicationsecurity #softwaresecurity #vulnerabilities #cloudsecurity #iotsecurity #developers #checkmarx #patching #iot #api

Ironpie robot vacuum can suck up your privacy - You might want to unplug this not-so-smart robot: researchers found they can watch video streams p... more: https://nakedsecurity.sophos.com/2020/03/02/ironpie-robot-vacuum-can-suck-up-your-privacy/ #2-factorauthentication #internetofthings #securitythreats #vulnerability #rsaconference #trifoironpie #robotvacuum #smartvacuum #checkmarx #perceptin #privacy #robots #shodan #webcam #iot #rsa

Parents, it’s time to delete Pet Chat from your child’s LeapPad - LeapFrog has done lots to fix the security of the LeapPad. Now all that's left is for parents to s... more: https://nakedsecurity.sophos.com/2019/08/09/parents-its-time-to-delete-pet-chat-from-your-childs-leappad/ #rogueaccesspoint #cryptography #locationdata #leapsearch #checkmarx #children #leapfrog #tracking #privacy #leappad #petchat #tablets #mobile #https #mitm

Wer hätte das gedacht?
#Amazon #Echo #Alexa #Wanze #Ueberwachung #CheckMarx

https://www.pcwelt.de/a/sicherheit-forscher-machen-amazon-echo-zur-wanze,3450610