Israeli cyber company Oxeye is being sold for approximately $40 million to GitLab
Posted on Mar 19, 2024 by Ifi Reporter
The Israeli cyber company Oxeye is being sold for approximately $40 million to GitLab, which offers a platform for open source software development, after the latter had already recently acquired the Israeli company Fazit.
Recently, the Israeli start-up company Oxeye, which specializes in identifying security problems in the code of applications and distributed cloud systems, revealed a serious security breach (score 9.8 out of 10) in the popular and well-known Backstage project of Spotify.
Exploiting the discovered security weakness allows hacking into the development systems of the organizations using the project and may cause tremendous damage to the companies' customers and their employees, including the leakage of sensitive internal information. This is an achievement of the Israeli company that managed to expose the security weakness in the company.
Oxeye researchers shared information about the security vulnerabilities with Spotify and worked with Spotify to fix the vulnerabilities as soon as possible. Following the case, Spotify distributed to its customers a version 1.5.1 update of Backstage that closes the loophole and allows customers to use the project without danger.
"If you use template engines in the application, it is important to make sure that they are used safely. Powerful template engines are extremely useful but may create a risk for the organization," explains Gal Goldstein, senior security researcher at Oxeye. "If you use Backstage, we highly recommend updating it to the latest version to defend against this vulnerability as soon as possible."
Articles Archive
Top Categories
ABOUT IFI TODAY
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum