These are the biggest #AppSec headlines of April 2019. I love the analogy of the developer getting mugged in this first example. And we have more incidents of credential stuffing here.
Docker Hub breach results in 190,000 credentials stolen
Docker has announced a large breach that has resulted in over 190,000 credentials being stolen. The impact is best explained by Kenn White:
Kenn White, a security researcher, explained the potential impact of the breach with an analogy.
“Think of it like this: developer gets mugged, and gets his keychain and wallet stolen. If the only keys were to his house and cars, that’s not great but it’s not a problem for the company,” White told Motherboard in an online chat. “In this case, potentially 190,000 keychains were pilfered, but with keys to company’s front doors too. Now it’s everybody’s problem.”
Tushar Richabadas is a Product Manager for the Barracuda Web Application Firewall and Barracuda Load Balancer ADC. His current areas of focus are Cloud and automation. His prior roles ranged from leading networking product testing teams to technical marketing for HCL-Cisco. Tushar closely tracks the rapidly increasing impact of digital security and is passionate about simplifying digital security for everyone.