Attacks Analysis Archives

14 Apr AI SAST: How to Secure AI Code Before It Ships

Posted at 12:18h in Attacks Analysis, Code Security, Open-Source Security, SDLC by Fátima Said 0 Comments

Learn DevSecOps best practices and practical DevSecOps steps for secure CI/CD. Discover how to implement DevSecOps with real automation. ...

how-can-malicious-code-do-damage-how-can-malicious-code-cause-damagewhich-of-the-following-may-indicate-a-malicious-code-attack

10 Apr How Can Malicious Code Do Damage?

Posted at 12:03h in Attacks Analysis, Code Security, Open-Source Security, SDLC by Fátima Said 0 Comments

Learn DevSecOps best practices and practical DevSecOps steps for secure CI/CD. Discover how to implement DevSecOps with real automation. ...

polyfill-attack-polyfill-supply-chain-attack-software-supply-chain-attacks

23 Oct Unmasking the Polyfill Attack: A Deep Dive

Posted at 17:53h in Attacks Analysis, Open-Source Security by Fátima Said 0 Comments

Protect your systems from the Polyfill attack and prevent future software supply chain attacks with real-time monitoring, dependency management, and proactive security measures....

11 Jun The Most Infamous Malware Attacks in History

Posted at 17:09h in Attacks Analysis by Fátima Said 0 Comments

Explore the most infamous malware attacks in history and their impact on cybersecurity. Learn how to protect against these threats ...

29 May NPM flooding case-study: “Down the Rabbit Hole looking for a Tea”

Posted at 13:53h in Attacks Analysis by José Antonio Garcel 0 Comments

Discover the intriguing NPM flooding case-study "Down the Rabbit Hole looking for a Tea" by José Antonio Garcel Díaz, revealing hidden anomalies and security insights. Read the full article now! ...

16 May Identifying and Managing Software Dependencies Attacks

Posted at 17:10h in Attacks Analysis, Open-Source Security by Fátima Said 0 Comments

Discover how to identify and defend against all types of software dependency attacks....

16 May Typosquatting vs. Copycat Packages: Understanding the Differences

Posted at 16:00h in Attacks Analysis, Open-Source Security by Fátima Said 0 Comments

Understand the differences between typosquatting and copycat packages, both tactics used to deceive users into downloading malicious software....

What-is-Malicious-Code-types-of-malicious-code

16 Apr What is Malicious Code and How Does it Work?

Posted at 17:44h in Attacks Analysis, SDLC by Fátima Said 0 Comments

Discover the insidious world of malicious code: from backdoors to ransomware. Learn how to safeguard your digital assets with advanced cybersecurity measures. Spotlighted in 'Software Supply Chain Security Deep-Dive,' we redefine cybersecurity with innovative solutions and real-time protection. ...

30 Jan The Ledger Attack: draining hardware cryptowallets

Posted at 13:00h in Attacks Analysis by Luis Rodríguez 0 Comments

Delve into the Ledger Attack, a spear-phishing SSC incident dissected by Xygeni's expert Luis Manuel Rodriguez Berzosa, revealing lessons in security, impact assessment, and incident response. ...

25 Jan 10 Malicious NPM Packages Uncovered: A Wake-up Call to Software Supply Chain Security

Posted at 19:22h in Attacks Analysis, Software Supply Chain by Jesús Cuadrado 0 Comments

Uncover malicious NPM packages and fortify your software supply chain with Xygeni's Early Warning Service. 10 malicious NPM packages were discovered and a new threat vector, djs13-fetcher, was identified. Learn how to protect your business from these threats. ...

15 Sep Strengthening Telco Defenses Against Supply Chain Attacks

Posted at 08:59h in Attacks Analysis, SDLC, Software Supply Chain by Jesús Cuadrado 0 Comments

Uncover the risk of supply chain attacks on telecoms, safeguard data, and embrace Software Bill of Materials (SBOM) for supply chain security....

26 Jul Bad.Build: The Latest Google Cloud Bug Threatening the Software Supply Chain

Posted at 11:29h in Attacks Analysis, Software Supply Chain by Miguel Angel Mederos 0 Comments

IntroductionOrca Security has recently identified a design flaw in Google Cloud Build service, named "Bad.Build." This flaw poses a serious security risk as it enables attackers to execute Privilege Escalation, granting them unauthorized entry into Google's Artifact Registry's code repositories.The consequences of this vulnerability extend...

Attacks Analysis