threats
How We Found Another GitHub Action Environment Injection Vulnerability in a Google Project
This blog shows another case of GitHub Actions environment injection vulnerability in a Google repository. The previous case where we found vulnerabilities in Firebase repositories can be found here with a detailed ...
Identity Security a Top Priority as Threats Evolve
The need to secure digital identities is one of the biggest privacy and data issues facing organizations today, and with less than half of organizations (49%) proactively investing in securing identities, there ...
What is interception fraud? How to detect & prevent interception fraud.
Want to know what interception fraud is? Discover what it is & how you can prevent interception fraud from affecting your business ...
Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference
Seceon will again be participating with AGC Partners in its 14th Annual Boston Technology Growth Conference to be held on Thursday, November 9th. The AGC Partner Conference is a premier showcase for fast ...
Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference
Seceon will again be participating with AGC Partners in its 14th Annual Boston Technology Growth Conference to be held on Thursday, November 9th. The AGC Partner Conference is a premier showcase for fast ...
Supply Chain Attacks Overflow: PyPI Suspended New Registrations
On May 20th, in an unprecedented move, PyPI (the official Python Package manager) announced they are temporarily suspending new users and new projects registration. This dramatic announcement follows a long line of ...
What is SMS pumping, and how does it impact your business?
SMS pumping takes advantage of two-factor authentication via SMS to charge businesses exorbitant connection fees. Learn how to detect & prevent SMS pumping ...
Gift Card Fraud Prevention Methods & Solutions for 2023
With e-commerce fraud on the rise, it's essential to know how to prevent gift card fraud. We discuss ways businesses can prevent gift card fraud & secure sites ...
SLSA Provenance Blog Series, Part 1: What Is Software Attestation
In this blog series, we will uncover the details of SLSA provenance which refers to the ability to trust the authenticity of artifacts. SLSA (Supply chain Levels for Software Artifacts) is focused ...
New Techniques Attackers Are Using to Harvest Your Secrets
Toyota Motor Corporation recently suffered a data breach due to a mistakenly exposed access key on GitHub. That hardcoded access key evaded detection for five years! This news joined a long line ...