Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

The Dell API Breach: It could have been prevented

As you may have seen in the news, a hacker stole 49 million customer records from Dell. The attack wasn’t novel or sophisticated. Instead, the attacker used a business logic flaw and an API to scrape the records. How did they do it? Here is the attack flow. The attacker registered for an account within the Dell ecosystem as a reseller/partner, which they had no intention of being. But Dell didn’t perform any checks, and within 48 hours, the attacker had a valid account.

Top 10 Data Governance Tools for 2024

A single misstep in managing sensitive data can lead to a data breach causing significant financial losses and severe damage to a company’s reputation. These breaches often expose sensitive customer and corporate data, underscoring the need for robust cybersecurity measures. Unfortunately, many organizations have an inadequate approach to data governance.

Detecting the STRRAT Malware Family

In this edition of Corelight’s Hunt of the Month blog, we bring you a STRRAT malware detector. In recent months STRRAT has become one of the top malware families submitted to Any.Run’s malware sandbox. STRRAT is a Java-based remote access tool (RAT) that uses a plugin architecture to provide full remote access to an attacker, as well as credential stealing, key logging, and additional plugins.

Why Static Analysis (SAST) isn't enough to prevent critical bugs in embedded software

Static code analysis is widely adopted among organizations for its ability to provide fast feedback loops and identify bugs early in development. However, despite its advantages, numerous bugs and vulnerabilities remain undetected and are only found when they've made their way into production or been caught by late-stage penetration testing. The best security practice involves leveraging both static and dynamic testing, such as fuzz testing.

5 Critical SOAR Success Criteria for Enterprise Security Teams

As organizations increasingly embrace automation and orchestration to streamline their security operations, defining clear success criteria becomes critical for ensuring the effectiveness and longevity of their automation projects. Recently, a prospect approached us seeking guidance on establishing success criteria for their upcoming journey with Tines automation over the span of the next year.

Two new checks for the ChatGPT macOS app

With the recent announcement of OpenAI’s ChatGPT desktop application for macOS, users gain access to LLM workflows outside of their browser. ChatGPT’s broad adoption by employees across industries, and around the world, has put employers, compliance, and security teams into high gear as they seek to balance the gains made in productivity with the potential risks of how these tools are being used.

The Dangers of Credit Cards That Many People Ignore

The rise of credit cards has undoubtedly made our lives easier in many ways. With just a swipe or tap, we can purchase goods and services without carrying around cash. However, there's always the risk of falling into credit card debt. In fact, according to a recent study, the average American household carries over $6,000 in credit card debt. In this article, we will discuss the dangers of credit cards that many people ignore. We will also discuss how a credit card debt defense attorney can assist in managing this type of debt.