compromisation

Mitigating Cloud Risks: Simple Steps to Prevent Incidents

05 April 2025 - Posted in Hardenings by Jok3r

Background: Based on well-known practices and yearly reviews over the infosec industry channels, a significant part of incidents occurring in the cloud are primarily caused by misconfigurations of [...] Read more

Mastering Browser Extensions: Key Strategies for Effective Analysis and Threat Prevention

17 August 2024 - Posted in Threat Analyze by Jok3r

Background: In today’s digital landscape, browser extensions are immensely popular for automating tasks and enhancing productivity. Millions of users rely on these tools to streamline their [...] Read more

Securing the Software Supply Chain: Detecting and Responding to Compromised Packages Due to Maintainer Account Compromises

03 August 2024 - Posted in Other by Jok3r

Background: Today, we heavily rely on open-source developed packages and solutions. Previous lessons have shown that compromises in these solutions can pose critical threats. These solutions serve as [...] Read more

Understanding Supply Chain Attacks: The Case of Polyfill CDN

29 June 2024 - Posted in Incident Response by Jok3r

Background: A supply chain attack involving a popular JavaScript library being served over a dedicated content delivery network (CDN) could result in the injection of harmful code into web pages that [...] Read more