Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

tripwire

Holding the Tide Against the Next Wave of Phishing Scams

Feb 12, 2025 By Josh Breaker-Rolfe In Tripwire
By now, we should all be pretty well acquainted with phishing scams. They've been around for a very long time—nearly 30 years, in fact—and are the primary focus of most security awareness training programs and initiatives. Despite this, phishing remains remarkably effective, with over 90% of successful cyberattacks beginning with a phishing email. Why? Because these scams are constantly evolving. To protect against the next wave of phishing scams, it's important to understand them.
Read Post
fireblocks

Fireblocks Integrates Soneium to Seamlessly Connect Creators and Fans

Feb 12, 2025 By Fireblocks In Fireblocks
We are excited to announce an integration with Soneium, the Ethereum Layer-2 blockchain built by Sony Block Solutions Labs, a joint venture between Sony Group Corporation and Startale Group. Soneium provides accessible, user-centric solutions that empower individuals, creators, and enterprises to build, connect, and thrive in a borderless digital ecosystem.
Read Post
outpost 24

How to reduce false positives when pen testing web apps

Feb 12, 2025 By Marcus White In Outpost 24
In the context of penetration (pen) testing, false positives are where the testing tools or methods identify a security vulnerability or issue that doesn’t actually exist. Essentially, a false alarm. This can happen for a few reasons, such as misconfigurations in the testing tools, incorrect assumptions, or environmental factors.
Read Post
outpost 24

Belsen Group: Analyzing a new and ambitious threat group

Feb 12, 2025 By KrakenLabs In Outpost 24
On January 14th, 2025, Belsen Group emerged in the underground forum Breach Forums publishing a list of sensitive data extracted from vulnerable Fortinet FortiGate devices. Since then, they have expanded their malicious activities into acting as initial access brokers. Who are they and what do we know about them? In this blog we’ll give you the lowdown on an ambitious new threat group to be aware of.
Read Post
jfrog

JFrog Simplifies Compliance with India's new CERT SBOM Guidelines

Feb 12, 2025 By Yashaswi Mudumbai In JFrog
The Indian Computer Emergency Response Team (CERT-In) is the national agency responsible for addressing cybersecurity incidents in India. Established in 2004 and operating under the Ministry of Electronics and Information Technology (MeitY), CERT-In is dedicated to enhancing the security of India’s digital infrastructure.
Read Post
bitsight

7 Questions Tech Buyers Should Ask About How Their Vendors Use AI

Feb 12, 2025 By Anders Norremo In BitSight
As AI becomes an increasingly critical component in the digital supply chain, tech buyers are struggling to appropriately measure and manage their AI risk. Keeping tabs on emerging risk from the AI technology they use is hard enough. But often the most crucial AI business functions that organizations depend upon aren’t directly under their control or care, but instead are governed by the tech vendors that embed them into their underlying software.
Read Post
securitysenses

Ensuring Data Privacy in Machine Learning: The Role of Synthetic Data in Protecting PII

Feb 12, 2025 By SecuritySenses In SecuritySenses
In today's data-driven world, machine learning (ML) models rely on vast amounts of information to power insights, automation, and decision-making. However, as organizations increasingly leverage these models, they must also address the critical challenge of protecting personally identifiable information (PII). Regulatory frameworks like GDPR, CCPA, and HIPAA place stringent requirements on how data is collected, processed, and shared, making privacy-preserving techniques essential for responsible AI and ML development.
Read Post
manageengine

Guarding open-source AI: Key takeaways from DeepSeek's security breach

Feb 11, 2025 By Endpoint Central In ManageEngine
In January 2025, within just a week of its global release, DeepSeek faced a wave of sophisticated cyberattacks. Organizations building open-source AI models and platforms are now rethinking their security strategies as they witness the unfolding consequences of DeepSeek’s vulnerabilities. The attack involved well-organized jailbreaking and DDoS assaults, according to security researchers, revealing just how quickly open platforms can be targeted.
Read Post
gcore

Gcore Radar report reveals 56% year-on-year increase in DDoS attacks

Feb 11, 2025 By Gcore
Gcore, the global edge AI, cloud, network, and security solutions provider, today announced the findings of its Q3-Q4 2024 Radar report into DDoS attack trends. DDoS attacks have reached unprecedented scale and disruption in 2024, and businesses need to act fast to protect themselves from this evolving threat. The report reveals a significant escalation in the total number of DDoS attacks and their magnitude, measured in terabits per second (Tbps).
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.