Categories
compliance developer Open Source

Developers that Copy and Paste Code Put Companies at Risk for Lawsuits

Go to developer forums, YouTube channels and blog posts, and you’ll find endless conversations about copying and pasting code. The discussion revolves around whether this practice is a lazy form of code development or whether it will cause problems with achieving the desired outcome. They discuss if it will take longer to fix the bugs […]

Categories
cyber attack cybersecurity Open Source

Developers Be Aware of Open Source Attacks

Open source is being systematically attacked through the infrastructure used to distribute code. In a few years, the gap between a vulnerability's disclosure and attacks on it has gone from months down to a few days. Attackers now directly hijack the publisher’s credentials and distribute malicious components. This worrisome trend requires enterprises to have in-depth knowledge of what open […]

Categories
cyber attack

IT Contractor Sentenced to 2 Years in Prison for Retaliatory Cyber Attack

Deepanshu Kher, an IT contractor who was caught hacking into a Carlsbad company's server, was sentenced to two years in prison. He was found guilty of deleting over 1200 of its 1500 Microsoft O365 user accounts. He was retaliating for being fired from the IT consulting firm that was assisting an unidentified company with its […]

Categories
developer Open Source

Happy Developers are Productive Developers

A Development Manager wears many hats. Their responsibilities include overseeing the team’s development of systems, software, and deployments. They are in charge of training, hiring, budgets, and enforcing deadlines. Perhaps their most important role is to improve their developers’ productivity. Developers are the foundation of a company’s software success. A happy developer will be more […]

Categories
cybersecurity

Cyber Attacks Can Kill Your SMB

Cybersecurity should not only concern large organizations; the size of a company does not matter in today’s cyberspace. No matter their size, companies are at risk of cyberattacks. Many SMBs are unaware that they are at risk of cyberattacks since they do not have the necessary resources to keep up with the latest information on […]

Categories
Open Source

Open-Source Licenses Spark Debate

The open-source community disagrees on how “free” open source licenses should be used. Open-source vendors are frustrated because some open source license terms are keeping them from profiting, while developers are frustrated because their software is being used by unethical people with dishonest intentions. Developers and vendors are now dealing with a host of new […]

Categories
News

Extortionists Breach Qualys Using Accellion Exploit

Enterprise cloud security firm Qualys is the latest victim of a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance server were used to steal sensitive business documents. The cybercriminals behind the hacks shared screenshots of files belonging to the company’s customers on a publicly accessible data leak website operated by the CLOP […]

Categories
compliance cybersecurity Open Source security

The Four Laws of Cybersecurity

4.57 billion humans are online, communicating with each other and multiple institutions daily. This ties us together through a common language that we all share: networking protocols, the rules for communication between network devices and for how those devices can connect to each other. Social media platforms that tie […]

Categories
cybersecurity Open Source

Airline Supply-Chain Attacks on The Rise

SITA, a communications and IT vendor for 90% of the world’s airlines, has been breached. Passenger data stored on the company’s U.S. servers has been compromised. Malaysia Airlines sent out an email to their frequent flyer members informing them that there’s “no evidence” their personal data has been misused, but that is highly unlikely. It […]

Categories
Open Source

Supply chain attack targets internal apps at tech giants

Alex Birsan, an ethical hacker, discovered a security vulnerability affecting several companies, including Tesla, Apple, Netflix, and Microsoft, by exploiting open-source repositories that allowed him to run code on their internal systems. The supply chain attack involved uploading malware to open-source repositories including npm, PyPI, and RubyGems that got distributed downstream. The supply chain […]