Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

splunk

The Credential Stuffing Guide: How To See & Stop Credential Stuffing Attacks

Apr 7, 2023 By Kayly Lange In Splunk
What do cybercriminals do with the information they obtain during a data breach? Most of the time, it results in credential stuffing. Credential stuffing is a cyberattack where criminals systematically use stolen data to test usernames and passwords across multiple online platforms. Bad actors gain access to these accounts for financial gain, identity theft and other malicious purposes.
Read Post
idstrong

What is a Cross-Site Request Forgery (CSRF) Attack?

Apr 7, 2023 By Greg Brown In IDStrong

Successful hackers have the ability to find a specific vulnerability and turn it into millions of dollars if the account is large enough. Good hackers keep it simple by using the browser as a means to attack unwitting users. Cross-site request forgery, commonly called CSRF, is an innovative attack method in which hackers use header and form data to exploit the trust a website has in a user’s browser.

Read Post
kroll

What Is a DMA Attack? Understanding and Mitigating the Threat

Apr 6, 2023 By Kroll In Kroll

You have probably wondered what would happen if your company laptop got lost or stolen. Would someone be able to extract sensitive data from your laptop even if the device is encrypted or locked? There are several ways to compromise a laptop with physical access, and one of them is through a direct memory access (DMA) attack.

Read Post
Forescout

How to Detect and Mitigate the 3CXDesktopApp Supply Chain Attack

Apr 5, 2023 By Shivram Amirtha and Forescout Vedere Labs In Forescout

On March 29, researchers from two security companies identified an active campaign originating from a modified version of a legitimate, signed application: 3CXDesktopApp, a popular voice and video conferencing software. 3CXDesktopApp is developed by 3CX, a business communications software company. According to its website, 3CX has 600,000 client organizations and 12 million daily users.

Read Post

SQL INJECTION ATTACK

Apr 5, 2023 By VISTA InfoSec In VISTA InfoSec
An SQL Injection vulnerability may affect any website or web application that uses an SQL database such as MySQL, Oracle, SQL Server, or others. SQL may be used to gain unauthorized access to sensitive data: customer information, personal data, trade secrets, intellectual property, and more. SQL Injection is one of the oldest, most prevalent, and most dangerous web application vulnerability. The OWASP organization (Open Web Application Security Project) lists injections in their OWASP Top 10 document as the number one threat to web application security.
View Video
safebreach

The New Frontiers of Cybersecurity - Exponential Increase in Complexity

Apr 5, 2023 By Itzik Kotler In SafeBreach

The New Frontiers of Cybersecurity is a three-part thought-leadership series investigating the big-picture problems within the cybersecurity industry. In the first post, we explored the reasons malicious actors have been able to enhance their ability to execute and profit from attacks. In the second post, we discussed how the massive increase in endpoints and systems online has dramatically increased the attack surface.

Read Post
alienvault

Chinese fraudsters: evading detection and monetizing stolen credit card information

Apr 4, 2023 By Strawberry Donut In AT&T Cybersecurity

Cyber attacks are common occurrences that often make headlines, but the leakage of personal information, particularly credit card data, can have severe consequences for individuals. It is essential to understand the techniques employed by cyber criminals to steal this sensitive information.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.