![]() Only when armed with full visibility can dependency risks be properly mitigated. To properly plan for such situations, IT and engineering organizations should implement a policy which identifies any third party libraries, services, components and APIs and then monitors for changes in these dependencies. A decision made by a third party could easily have a significant impact on operations, and potentially be an impact which is challenging to securely mitigate. Enhance your browsing experience with Tampermonkey Tampermonkey is a versatile browser extension with over million users that enhances your browsing experience by allowing you to run userscripts on websites. While the Tampermonkey and Opera teams have come to a resolution which removed Tampermonkey from the blacklist, this situation highlights a requirement for all IT organizations and engineering teams to clearly understand their dependencies are. The net result being that legitimate Opera users of Tampermonkey were also impacted. Upon inspecting Tampermonkey , Opera determined that blacklisting it was the most effective way to black the malicious application. ![]() In this case, it appears Opera identified a specific version of a component,Tampermonkey, which, in addition to being legitimate, was also being distributed with a malicious application. ![]() ![]() Modern software is a combination of libraries, third party components and third party services – in addition to the custom code created. “While in blacklisting a specific version of Tampermonkey , Opera acted out of concern for the security of their end users, this situation highlights the risks present in modern applications.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |