Daily Archives: April 1, 2019

Cloudbric Cements Commitment to Cloud Infrastructure And Blockchain Business By Partnering With AWS


AWS_APN Logo

Cloudbric currently holds Technology Partner status with Amazon Web Services (AWS).

The AWS Partner Network (APN) is a global partner program composed of cloud software and service vendors that have earned endorsement from AWS after meeting several important criteria.

With the cloud computing market estimated to be worth 272 billion USD worldwide, cloud computing has made it easy to access applications and data from virtually anywhere, without compromising scalability or security. 

Cloudbric’s partnership with AWS has armed us with additional tools and resources from Amazon enabling us to differentiate our solution for AWS customers with improved functionality and cloud security service offerings.

As a Technology Partner, Cloudbric is made-ready for the cloud environment.

Not only that, but as Cloudbric expands into the blockchain business (by currently providing web security services to numerous crypto exchanges and other wallet platforms), we realize cloud infrastructure is more important than ever.

It’s why Cloudbric has announced it has delved into the operation of blockchain wallet nodes.

When it comes to exchanges or wallets, nodes are necessary for its stable operation on the blockchain network which typically requires to operate in multiple regions as nodes are hosted in data centers.

As a result, Cloudbric aims to secure the operation and building of blockchain nodes in its existing data centers and servers around the world.

Until now Cloudbric has been able to provide cloud-based security services around the world, and this know-how in cloud infrastructure has led to the signing of blockchain node operation contracts and is expected to draw the attention of companies that operate blockchain wallets.


Make sure to follow us on our social media platforms (LinkedInTwitter, and Facebook) and our recently opened Telegram Announcement Channel for the latest updates!

The post Cloudbric Cements Commitment to Cloud Infrastructure And Blockchain Business By Partnering With AWS appeared first on Cloudbric.

The GPS Rollover Bug: 3 Tips to Help You Avoid Phishing Scams

Today, users are extremely reliant on our GPS devices. In fact, we’re so reliant on these devices that map features are programmed into almost every IoT device we use as well as inside of our vehicles. However, the Department of Homeland Security has issued an alert to make users aware of a GPS receiver issue called the GPS Week Number Rollover that is expected to occur on or around April 6, 2019. While this bug is only expected to affect a small number of older GPS devices, users who are impacted could face troubling results.

You may be wondering, what will cause this rollover issue? GPS systems count weeks using a ten-bit parameter, meaning that they start counting at week zero and then reset when they hit week 1,024, or 19.5 years. Because the last reset took place on August 21, 1999, it appears that the next reset will occur on April 6, 2019. This could result in devices resetting their dates and potentially corrupting navigation data, which would throw off location estimates. That means your GPS device could misrepresent your location drastically, as each nanosecond the clock is out translates into a foot of location error.

So, how does this rollover issue translate into a potential cyberthreat? It turns out that the main fix for this problem is to ensure that your GPS device’s software is up-to-date. However, due to the media attention that this bug is receiving, it’s not far-fetched to speculate that cybercriminals will leverage the issue to target users with phishing attacks. These attacks could come in the form of email notifications referencing the rollover notice and suggesting that users install a fraudulent software patch to fix the issue. The emails could contain a malicious payload that leaves the victim with a nasty malware on their device.

While it’s difficult to speculate how exactly cybercriminals will use various events to prey on innocent users, it’s important to be aware of potential threats to help protect your data and safeguard your devices. Check out the following tips to help you spot potential phishing attacks:

  • Validate the email address is from a recognized sender. Always check the validity of signature lines, including the information on the sender’s name, address, and telephone number. If you receive an email from an address that you don’t recognize, it’s best to just delete the email entirely.
  • Hover over links to see and verify the URL. If someone sends you a link to “update your software,” hover over the link without actually clicking on it. This will allow you to see a link preview. If the URL looks suspicious, don’t interact with it and delete the email altogether.
  • Be cautious of emails asking you to take action. If you receive a message asking you to update your software, don’t click on anything within the message. Instead, go straight to your software provider’s website. This will prevent you from downloading malicious content from phishing links.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post The GPS Rollover Bug: 3 Tips to Help You Avoid Phishing Scams appeared first on McAfee Blogs.

March Hackness: A Recap

At our core Security Innovation is a company helping to educate the world about Application Security wherever we can. Whether it be through our Computer Based Training, Security Testing or Cyber Range, we always get excited to see our customers learn and improve their security skills. A perfect example is Brandon Evans - a software engineer who recently won our AppSec Cali event and followed that up by finding all 55 issues in our InstaFriends site. Congratulations Brandon!

Scan WordPress websites for vulnerabilities WPScan Kali Linux

Scan WordPress websites for vulnerabilities WPScan Kali Linux   WPScan is a black box vulnerability scanner for WordPress websites. WPScan comes pre-installed in Kali Linux. Kali Linux is a popular Linux distribution built on Debian Kali Linux comes with many of the best ethical hacking tools pre-installed. If you’re not using Kali Linux and you […]

The post Scan WordPress websites for vulnerabilities WPScan Kali Linux appeared first on HackingVision.

New eLearning Learner Levels Streamline Verified Progress

Before customers buy from you, they ask “Can you prove that your application is secure, and that you will protect our data if we give it to you?” Companies around the world struggle to answer this question, especially with the advancement of DevOps and rapid changes/deployment of applications into production. As such, we launched Verified to help you prove to your customers that you adopt security best practices for your applications and the developers that support them on an ongoing basis.

Veracode Verified is a three-tier maturity program that includes several training elements. For example, to reach the Verified Team tier, one requirement is to select and train a security champion. A requirement to reach Verified Continuous is to roll out security fundamentals training to all developers working on an application. 

Veracode Introduces Learning Levels

In order to help companies track the maturity of their eLearning program and their progress toward Verified tiers, Veracode launched learning levels in the eLearning product. The new enhancement to eLearning includes the following:

Learning Levels: There are three levels that individuals can reach within the platform. Each level has a requirement in terms of specific courses a user must complete in order to obtain that level.

Level 1 – Developer Security Fundamentals

Level 2 – Verified Team Security Champion

Level 3 – Verified Continuous Security Champion

Visit our website for more details on developer training.

Platform Badges: There are now badges next to user names that align to the level the user has reached. This allows managers to quickly identify that their teams have met their policy requirements for eLearning.

Certificate: Users can also download a certificate that shows their name, the level they reached, and the date they achieved their status.

Reporting: Managers can download a report for their teams on the levels they achieved, and the date it was achieved.

A Variety of Developer Training that Meets Your Specific Needs

With the increased speed of development, plus security shifting “left,” developers need to catch security-related defects on their own as often as possible. However, most developers have had no opportunities to learn secure coding, in school or on the job. Veracode offers application security leaders the chance to engage developers with various types of training, from self-service eLearning to fully customizable on-site workshops. 

Learn more about proving the security of your development process with our Verified program, and the different training elements needed to become Verified.