Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

netskope

Telegram Abused as C2 Channel for New Golang Backdoor

Feb 14, 2025 By Leandro Fróes In Netskope
As part of Netskope Threat Labs hunting activities, we came across an IoC being shared by other researchers and decided to take a closer look at it. During the analysis, we discovered that the payload was apparently still under development, but is already fully functional. The malware acts like a backdoor and uses Telegram as its command and control (C2) channel.
Read Post
securitysenses

IT Staffing Challenges for MSPs: How to Build a Skilled and Secure Workforce

Feb 14, 2025 By SecuritySenses In SecuritySenses
Managed Service Providers (MSPs) are playing an increasingly critical role in handling IT operations, cybersecurity, and cloud infrastructure for businesses. This reliance has created a demand for highly skilled professionals capable of maintaining security, managing networks, and adapting to evolving technologies. However, MSPs face significant challenges in attracting and retaining top IT talent, making workforce stability a pressing concern.
Read Post
securitysenses

How to Maintain Network Security During a NetSuite Implementation

Feb 14, 2025 By SecuritySenses In SecuritySenses
NetSuite is one of the most secure Enterprise Resource Planning (ERP) software systems available, including multi-factor authentication and token-based application authentication. However, implementing NetSuite is often a long process that can entail numerous contractors and other parties working within your system. During the transfer and adjustment period, you must take extra care with your data security to ensure that everything is moved properly and no data is lost. Today, we'll explore how you can ensure that your data is safe during this critical transition period.
Read Post
securitysenses

Testing Authorization Policies in CI/CD Environments: Best Practices

Feb 14, 2025 By SecuritySenses In SecuritySenses
When you're nearing bringing a new update to production, you may rather not want to realize that everyone and anyone has complete open access to sensitive data, just before you're about to deliver the update. Misconfiguring or properly not configuring an authorization policy could lead to a scenario just like that. Things move fast in the CI/CD environment, with code changes and constant deployments, so it's not hard to see how a security mistake can slip under the radar. But when it does, you can expect security breaches, regulatory violations, and huge losses, are swiftly follow. And you definitely want to prevent those.
Read Post
CrowdStrike

Detect Data Exfiltration Techniques with Falcon Next-Gen SIEM

Feb 13, 2025 By Radu-Emanuel Chiscariu In CrowdStrike
Sensitive data theft is among adversaries’ most common goals. For defenders, data exfiltration can lead to the compromise of customer data, public exposure of trade secrets, and potentially permanent business and reputational damage. Victims of data exfiltration may also face legal issues for non-compliance with data protection laws. This must be a top concern for businesses.
Read Post
knowbe4

New Phishing Campaign Targets The X Accounts of Politicians, Tech Companies, Cryptocurrency, And More

Feb 13, 2025 By Stu Sjouwerman In KnowBe4
SentinelOne warns that a phishing campaign is targeting high-profile X accounts, including those belonging to US political figures, leading journalists, major technology companies, cryptocurrency organizations, and owners of coveted usernames. “SentinelLABS’ analysis links this activity to a similar operation from last year that successfully compromised multiple accounts to spread scam content with financial objectives,” the researchers write.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.