Santa Clara, California- (July 9 ,2024)- Uila Inc., the Application-centric Observability company, today announced that its Observability Platform, uObserve with its built-in Cyber Threat Detection and Protection capability can identify corporate assets that are at risk from the latest polyfill.io supply chain attack, that is threatening 1000s of websites worldwide and leading to clickjacking attacks and data theft of mission-critical and confidential information.
The polyfill.io attack refers to a security vulnerability found in the polyfill.io service, a popular tool that provides polyfills for web developers to ensure compatibility of their code across different browsers. A polyfill is a piece of code used to provide modern functionality on older browsers that do not natively support it. In this particular attack, a vulnerability was discovered that allowed an attacker to inject malicious code into the polyfills served by polyfill.io. This injection could potentially execute harmful scripts in the browsers of users visiting websites that utilized polyfill.io, leading to a range of security issues such as data theft, session hijacking, or other forms of exploitation.
To protect the environment from this attack, it is recommended that users must:
“This attack leads to various forms of exploitation, such as stealing cookies, logging keystrokes, or redirecting to phishing sites, which is disastrous for any organization that is handling confidential internal or customer information.” says Chia-Chee Kuan, CEO and Founder for Uila. “Not only can the user’s security team that is using Uila uObserve, get automatic alerts on this vulnerability, and automatically protect itself, the Uila cyber expert team also performs periodic and on-demand cyber threat assessments for all of its users, to identify emerging and critical threats like these in a timely manner, to minimize any impact to revenue and reputation.”
With Uila’s uObserve’s Cyber Threat Protection, users can:
Users who are interested in identifying this polyfill.io threat in their environment, can contact Uila to perform a free cyber threat assessment for their Data Center or Cloud environment from https://www.uila.com/uila-free-trial.
About Uila
Uila resolves Complex IT Disruptions for Enterprise Organizations with its Intelligent Application-centric Full-Stack Observability Platform, that correlates Application and Infrastructure Performance to isolate and remediate issues before business impact. With Uila, IT teams can visualize application workload dependencies across cloud platforms, rightsize infrastructure resources, troubleshoot disruptions for any onsite or remote VDI user due to application/network/infrastructure challenges, plan workload migration strategies for Cloud deployments and use AIOps to streamline troubleshooting and reduce MTTR with remediation actions. And most importantly, this is done WITHOUT any agents. Uila also allows security teams to combat advanced cyber threats, by providing comprehensive application anomaly insights, cyber threats & Data Exfiltration activities. Organizations use Uila to align themselves with their IT teams and cut MTTR from days to minutes to always keep End-User Experience at peak performance & secure, across cloud boundaries.
Contact Information
Dilip Advani
VP of Marketing
dilip.advani@uila.com
What did Uila win?
