MUT-1244 targeting security researchers, red teamers, and threat actors

A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive … Continue reading MUT-1244 targeting security researchers, red teamers, and threat actors

Organizations are knowingly releasing vulnerable applications

92% of companies had experienced a breach in the prior year due to vulnerabilities of applications developed in-house, according to Checkmarx. AppSec managers and developers share application security duties In recent years the responsibility for appli… Continue reading Organizations are knowingly releasing vulnerable applications

Flood of malicious packages results in NPM registry DoS

Attackers are exploiting the good reputation and “openness” of the popular public JavaScript software registry NPM to deliver malware and scams, but are also simultaneously and inadvertently launching DoS attacks against the service. Malici… Continue reading Flood of malicious packages results in NPM registry DoS

Phishing PyPI users: Attackers compromise legitimate projects to push malware

PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that some maintainers of legitimate projects have been compromised, and malware pub… Continue reading Phishing PyPI users: Attackers compromise legitimate projects to push malware

Vulnerability in Amazon Ring app allowed access to private camera recordings

A vulnerability in the Android version of the Ring app, which is used to remotely manage Amazon Ring outdoor (video doorbell) and indoor surveillance cameras, could have been exploited by attackers to extract users’ personal data and device’s dat… Continue reading Vulnerability in Amazon Ring app allowed access to private camera recordings

Checkmarx API Security identifies shadow and zombie APIs during software development

In Las Vegas, at Black Hat USA 2022, Checkmarx has released Checkmarx API Security, the “shift-left” API security solution. Building on the launch of Checkmarx Fusion, which prioritizes and correlates vulnerability data from across differen… Continue reading Checkmarx API Security identifies shadow and zombie APIs during software development

Black Hat USA 2022 video walkthrough

In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal Security, Adaptive Shield, Airgap, Akamai, Anomali, Arctic Wolf Networks, Aris… Continue reading Black Hat USA 2022 video walkthrough

Seemplicity collaborates with Checkmarx to improve visibility and operational efficiency for organizations

Seemplicity announced that it has partnered with Checkmarx, a provider of developer-centric application security testing (AST) solutions. The partnership will see the Checkmarx One Platform integrated within Seemplicity’s Productivity Platform, a… Continue reading Seemplicity collaborates with Checkmarx to improve visibility and operational efficiency for organizations

Checkmarx releases MSSP program to improve application security for organizations

Checkmarx launched its Managed Security Services Provider (MSSP) program. “The launch of our MSSP Program is a milestone in the Checkmarx journey and a natural extension of our commitment to global excellence in application security enablement,&#… Continue reading Checkmarx releases MSSP program to improve application security for organizations