Tag Archive for: Studio

Striim Launches Real-time Application Connector Suite on BigQuery Studio

/in


PALO ALTO, Calif., April 11, 2024 — Striim, Inc. is proud to showcase the new connectors for Google Cloud customers at Google Next in Las Vegas. With the recent launch of Striim Cloud for Application Integration, Striim has partnered closely with Google Cloud’s product team to ensure our 3 additional connectors are seamlessly integrated with BigQuery. Striim is excited to launch connectors for Stripe, Zendesk, and HubSpot as the first, with many more to follow.

“To combine contexts and deliver richer AI-based analytics, Striim is excited to expand its product offerings and commitment to BigQuery customers with the launch of our Striim Cloud for Application Integration product offering, which launched in Q1 2024,” stated Alok Pareek, Cofounder and Executive Vice President of Engineering and Products at Striim. “As a continuation of our close product integration and collaboration with Google Cloud, we are excited to announce these 3 new connectors for Stripe, Zendesk, and HubSpot at Google Cloud Next. This enables real-time delivery from cloud-native SaaS applications into BigQuery with powerful alerting, masking, transformation, and telemetry capabilities. The roadmap for 2024 will continue to build momentum as we launch more connectors each month and prioritize the connectors our customers use most often for mission-critical workloads.”

“Enterprises have an ever-increasing need for reliable solutions that can stream mission-critical data to BigQuery in real time,” said Yasmeen Ahmad, Managing Director, Data Analytics at Google Cloud. “With Striim Cloud for Application Integration, customers can easily integrate their data from ISV apps directly into BigQuery, reducing their time to insight so their operational and customer service teams can realize immediate impact from these insights instantly.”

Striim Cloud for Application Integration is built on a proven real-time streaming, scalable, and highly available Striim Cloud platform. As a Google Cloud native product, Striim Cloud can be used as a fully managed service removing the complexity of continuous data integration and empowering teams to focus on business-level initiatives without having…

Source…

Insomniac: PlayStation studio 'angered' by ransomware hack

/in



PlayStation studio Insomniac said its team was “saddened and angered” by the recent “criminal cyberattack”. Employee data, company emails and early details of an upcoming Wolverine game were among …

Source…

‘Spider-Man 2’ video game studio hit by $2 million ransomware attack

/in



Perpetrators identifying themselves as the Rhysida group demanded a staggering $2 million from Insomniac – the video game studio behind ‘Spider-Man 2’ – as part of a huge ransomware attack.

Source…

Hackers Can Abuse Visual Studio Marketplace to Target Developers with Malicious Extensions

/in


Jan 09, 2023Ravie LakshmananSupply Chain / CodeSec

Malicious Visual Studio Extensions

A new attack vector targeting the Visual Studio Code extensions marketplace could be leveraged to upload rogue extensions masquerading as their legitimate counterparts with the goal of mounting supply chain attacks.

The technique “could act as an entry point for an attack on many organizations,” Aqua security researcher Ilay Goldman said in a report published last week.

VS Code extensions, curated via a marketplace made available by Microsoft, allow developers to add programming languages, debuggers, and tools to the VS Code source-code editor to augment their workflows.

“All extensions run with the privileges of the user that has opened the VSCode without any sandbox,” Goldman said, explaining the potential risks of using VS code extensions. “This means that the extension can install any program on your computer including ransomwares, wipers, and more.”

To that end, Aqua found that not only is it possible for a threat actor to impersonate a popular extension with small variations to the URL, the marketplace also allows the adversary to use the same name and extension publisher details, including the project repository information.

While the method doesn’t allow the number of installs and the number of stars to be replicated, the fact that there are no restrictions on the other identifying characteristics means it could be used to deceive developers.

The research also discovered that the verification badge assigned to authors could be trivially bypassed as the check mark only proves that the extension publisher is the actual owner of a domain.

In other words, a malicious actor could buy any domain, register it to get a verified check mark, and ultimately upload a trojanized extension with the same name as that of a legitimate one to the marketplace.

A proof-of-concept (PoC) extension masquerading as the Prettier code formatting utility racked up over 1,000 installations within 48 hours by developers across the world, Aqua said. It has since been taken down.

This is not the first time concerns have been raised about software supply chain threats in the VS Code extensions marketplace.

In May 2021, enterprise security…

Source…