Open source developers not interested in solving code security issues?

Software developers invest less than 3% of their time in solving security issues in free and open source software (FOSS) and show little interest in allocating more resources moving forward, claims research carried out by the Linux Foundation and Laboratory for Innovation Science at Harvard (LISH). Nearly half of respondents are paid to contribute to […]
Less than 10% of data breaches are made public

In 2020, ransomware groups ramped up their attacks against corporate networks to steal hundreds of gigabytes of confidential information from each of their victims. The stolen data is either released online, if a ransom is not paid, or auctioned off to the highest bidder. Ransomware extortion attacks against your company are unlikely to go unnoticed. […]
Top 5 human errors that lead to data breaches

Malicious actors can identify and take advantage of security vulnerabilities in a matter of hours. Security vulnerabilities are an important part of this problem, but do not tell the whole story. More often than not, the victims themselves play a role in leaking their personal and financial information, due to a human error on their […]
Who Lets Access Keys Out?

Technical data leakage takes on many forms, but often revolves around the publication of passwords or cloud services’ access keys on the internet. Many technical data leakages are not the result of a malicious actor. Indeed, the leaks can come from well-intended developers who simply share too much of their code on source code repositories. […]
How to decrease false positives when scanning for committed secrets

In 2019, some 10 million developers joined GitHub and contributed over 44 million repositories in that year alone. GitHub is the most popular code repository, with 80% of its users located outside of the U.S. The open source platform is not used only by experienced software developers. Last year, there were over 760,000 developers using […]
How Much Would a Technical Leak Cost You in Stolen Cloud Resources?

If you have ever wondered how cryptocurrencies like bitcoin or monero issue new currency, the answer is through a competition called cryptocurrency mining. This competition is open to anyone connected to the internet, and the more powerful the computer – or computers – you control, the better your odds of creating cryptocurrency you can exchange […]
How Sudden Policy Changes Put Company Secrets at Risk

Popular among developers, Docker Hub has been used for years to share applications and code libraries. In August 2020, Docker reported its service was used by more than 6.5 million developers and it had accumulated more than 15 PB (15,000 terabytes!) of container images. Image storage costs, as well as the bandwidth to service them, […]
What is technical leakage and how does it happen?

In July, more than 50 international companies suffered a source code leak due to software development misconfigurations in DevOps applications, Bleeping Computer writes. The businesses operated in various industries, including technology, financial services, retail, entertainment, and manufacturing, and may have also been used as third-party attack sources for their business partners. According to the researcher […]
What Does Coverage Mean for Digital Risks?

Digital risk protection (DRP) refers to the “proactive defense of business assets against the threats they face.” This definition starts off with the notion of proactive defense which translates to concrete actions taken by companies to eliminate threats and identify leaks before they hurt their brand and reputation. As shown below, companies can benefit from […]
What risks do unreported data breaches pose for your business?

A database of 34 million user account records that were stolen from seventeen companies in 2020 is now for sale on a forum, Bleeping Computer reports. The dump has generated interest from multiple users who approached the seller on Russian messaging platform Telegram. The seller insists he is not responsible for the data breaches, and […]