Phishing attacks are getting more sophisticated by the day. Their target audience is changing every day. In the past, high-profile individuals were targeted using CXO attacks. These days, the scope has broadened, and attacks target the whole organization.
Occamslabs sharing insights about cloud security
-
Gone Phishing - Caught Developers
Security Phishing October 16, 2023
-
You are doing it wrong! Kubernetes Image Tags
Supplychain Security Kubernetes September 15, 2023
How you are using Docker tags can say a lot about your security.
-
Kubernetes and Supply Chain Security
Supplychain Security Kubernetes August 11, 2023
Running your workloads on Kubernetes (k8s) is becoming a de facto standard for many companies building software. The usual steps involve building software, running tests, building a container, hopefully doing some security scanning in the process, pushing to the registry, and deploying.
-
Vulnerability vs. Supply Chain Attack
Supplychain Security August 07, 2023
A vulnerability is usually an unintended software bug that opens an attack angle for a malicious actor. The good thing about an open-source project is that the bigger the project, the more eyes are on it, and the more likely these vulnerabilities will surface and be fixed fast. In smaller or dormant projects, this is usually not the case.
-
Supply Chains and Lock Files
Supplychain Security August 01, 2023
A supply chain attack is when one or more of the dependencies in your application have been compromised, and some “bad code” that is intended to harm you is running on your systems and applications. These kinds of attacks are becoming more common and more sophisticated.
-
Securing your Ruby and Rails Codebase
Ruby-on-rails Security Devsecops September 24, 2018
When writing software you want to avoid introducing functional bugs or security issues.