Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

bitsight

ToxicPanda: The Android Banking Trojan Targeting Europe

Jul 28, 2025 By Pedro Falé In BitSight
ToxicPanda is a banking trojan designed to infiltrate your mobile device, stealing financial details by targeting banking & financial apps. The malware keeps evolving, with the developers behind it being quick to add new features, such as overlaying pin & pattern codes, overlaying credential inputs for specific banking apps, allowing cybercriminals to remotely take control of compromised bank accounts and initiate unauthorized money transfers.
Read Post
datadog

Identify common security risks in MCP servers

Jul 28, 2025 By Yuki Matsuzaki In Datadog
AI adoption is rapidly increasing, and with that comes a steady influx of useful but potentially vulnerable tools and services still maturing in the AI space. The Model Context Protocol (MCP) is one example of new AI tooling, providing a framework for how applications integrate with and supply context to large language models (LLMs). MCP servers are central to developing AI assistants and workflows that are deeply integrated with your environment.
Read Post
knowbe4

KnowBe4 Named a 2025 Gartner Peer Insights Customers' Choice for Email Security Platforms

Jul 28, 2025 By Cindy Zhou In KnowBe4
KnowBe4 is excited to announce that we have been recognized as an overall Customers’ Choice in the July 2025 Gartner Peer Insights Voice of the Customer for Email Security Platforms Report. The Gartner Peer Insights Customers’ Choice distinction is based on feedback and ratings from end-user professionals who have experience purchasing, implementing and/or using a product or service.
Read Post
teramind

What Are Insider Threats & How to Detect Them

Jul 28, 2025 By Teramind In Teramind
Businesses spend a fortune to fight back against external threats, yet one of the most damaging cybersecurity risks is already inside the building. These are insider threats—security risks originating from the very people you trust with access to your network: your employees, contractors, and partners. This isn’t a rare occurrence but a consistent and growing trend.
Read Post
Arctic Wolf

What Is PCI DSS and How Can Organizations Best Maintain Compliance?

Jul 28, 2025 By Arctic Wolf In Arctic Wolf
The world is going cashless. The Federal Reserve reported that cash was used in just 16% of all U.S. transactions in 2024. And that number is expected to continue to decline. The widespread use of credit and debit cards, plus the rise of digital wallets and contactless payments, have reshaped the financial landscape, increasing flexibility as well as financial protection. However, it’s also increased the levels of fraud.
Read Post
Cybersecurity Training For Teachers Is Key To Stopping Phishing In Schools

Cybersecurity Training For Teachers Is Key To Stopping Phishing In Schools

Jul 28, 2025 By SecuritySenses In SecuritySenses
Schools have become a prime target for cybercriminals, with phishing now the biggest threat. In fact, 89% of UK primary and secondary schools experienced a phishing attack last year, the Department for Science, Innovation & Technology reveals. 40% of higher education institutions also reported serious repercussions after phishing attacks, such as, data breaches or financial loss. So, what makes schools such attractive phishing targets? The answer lies in the fact that they often store a lot of sensitive data, but lack the IT resources to properly protect it. The good news is teachers do have the power to fight back against phishing.
Read Post
wallarm

ToolShell: Remote Code Execution in Microsoft SharePoint (CVE-2025-53770)

Jul 27, 2025 By Wallarm In Wallarm
On July 19, 2025, a critical remote code execution (RCE) vulnerability (CVE-2025-53770, also referred to as ToolShell) was publicly disclosed, impacting on-premises Microsoft SharePoint Server installations. This vulnerability allows unauthenticated attackers to execute arbitrary code remotely by leveraging insecure deserialization techniques.
Read Post
salt security

LLMs Are Not Goldfish: Why AI Memory Poses a Risk to Your Sensitive Data

Jul 27, 2025 By Michael Callahan In Salt Security
We’ve all heard the myth: goldfish have a memory span of just a few seconds. While that’s debatable in marine biology circles, it’s useful as a metaphor in tech, especially when talking about memory, risk, and AI. The problem is, large language models (LLMs) are not goldfish. In fact, they have incredible memory. And increasingly, that memory isn’t just session-based. It’s persistent, long-term, and system-connected. That changes everything.
Read Post
How Can You Use the Dow Jones Chart to Understand Market Trends?

How Can You Use the Dow Jones Chart to Understand Market Trends?

Jul 27, 2025 By SecuritySenses In SecuritySenses
Dow Jones' chart is an excellent graphical resource that can convert intricate market information into understandable trends and patterns. The market performance chart offers investors immediate responses to what the market has achieved over different periods and is therefore a key element of effective investment strategy. Possessing reading and interpreting skills of such charts can significantly help your ability to invest wisely and discover potential market opportunities.
Read Post
trustcloud

Third-party risk is everyone's problem: What CISOs need to know now

Jul 26, 2025 By Tejas Ranade In TrustCloud
In this article The alarm wasn’t a breach. It was an invoice. A mid-sized enterprise onboarding a new analytics vendor found themselves tangled in a post-implementation scramble: customer data had been shared without encryption, the vendor’s security posture was based on trust alone, and legal had skipped the SLA review because “they’d worked with them before.” What followed wasn’t a data loss, but something quieter and more corrosive, an erosion of confidence.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.