Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

opti9

Ransomware in Financial Services: Traditional Backup Isn't Enough

Feb 17, 2026 By Mark Mazza In Opti9
Many financial services IT leaders believe they’re protected against ransomware because they have backups. According to Sophos’ State of Ransomware in Financial Services 2025, 64% of financial services organizations were hit by ransomware in the past year. Of those with backups, a significant percentage discovered their backup infrastructure had been compromised too. Modern ransomware operators don’t just encrypt production data.
Read Post

The Real Risks of Agentic AI in the Enterprise with Camille Stewart-Gloster

Feb 17, 2026 By Rubrik In Rubrik
In this episode of Data Security Decoded, host Caleb Tolin is joined by Camille Stewart-Gloster, CEO of CAS Strategies and former Deputy National Cyber Director, to unpack how AI is redefining cyber risk at every layer of the organization. Camille explains why identity-based attacks are so effective and how non-human identities (from APIs to AI agents) are quietly expanding the attack surface. She emphasized how critical MFA is for organizations to enable as they scale up AI operations, and why conditional access and governance must be foundational, not optional.
View Video

Why Hospitals Pay Ransom to Hackers

Feb 16, 2026 By Razorthorn Security In Razorthorn
Targets in western countries are picked with care, since hospitals and critical services face lives at risk and heavy legal fallout after breaches. When attackers weigh up ransom against long court battles and recovery costs, payment becomes the path many victims choose, feeding the growth of cybercrime. ⸻ For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion..
View Video

How Hospitals Sustain Patient Care When Systems Go Dark

Feb 12, 2026 By Rubrik In Rubrik
In this episode of Building Cyber Resilience: A Healthcare Leader’s Guide, host Josh Howell speaks with Drex DeFord, veteran healthcare CIO, strategist, and President of 229 Cyber & Risk at This Week Health. Drawing on decades of experience leading technology and transformation across organizations like the U.S. Air Force, Seattle Children’s, Scripps Health, and Steward Healthcare, Drex explores what it really takes to sustain patient care when cyberattacks force systems offline.
View Video
Arctic Wolf

From Operations to Policy: Contributing to the Global Fight Against Ransomware

Feb 12, 2026 By Ismael Valenzuela In Arctic Wolf
Today, the government of Canada issued a statement announcing that Arctic Wolf will continue to co-chair the Counter Ransomware Initiative Public-Private Sector Advisory Panel in 2026, alongside Public Safety Canada and BlackBerry. The panel will also include member organizations such as Ensign InfoSecurity, the Institute for Security and Technology, Microsoft, Palo Alto Networks, and the Royal United Service Institute.
Read Post
cato networks

Cato CTRL Threat Research: Foxveil - New Malware Loader Abusing Cloudflare, Discord, and Netlify as Staging Infrastructure

Feb 11, 2026 By Dr. Guy Waizel In Cato Networks
Cato CTRL has identified a previously undocumented malware loader we track as “Foxveil.” We observed evidence that the malware campaign has been active since August 2025, and we observed two distinct variants (v1 and v2). Foxveil behaves like a modern initial-stage loader: it establishes an initial foothold, frustrates analysis, and retrieves next-stage payloads from threat actor-controlled staging hosted on Cloudflare Pages, Netlify, and, in some cases, Discord attachments.
Read Post
Snyk

Why Your "Skill Scanner" Is Just False Security (and Maybe Malware)

Feb 11, 2026 By Liran Tal In Snyk
Maybe you’re an AI builder, or maybe you’re a CISO. You've just authorized the use of AI agents for your dev team. You know the risks, including data exfiltration, prompt injection, and unvetted code execution. So when your lead engineer comes to you and says, "Don't worry, we're using Skill Defender from ClawHub to scan every new Skill," you breathe a sigh of relief. You checked the box. But have you checked this Skills scanner?
Read Post

Detect OPERATOR PANDA at the Edge with Falcon Adversary Overwatch

Feb 11, 2026 By CrowdStrike In CrowdStrike
CrowdStrike Falcon Adversary Overwatch: ► Detect adversaries hiding in your blind spots. Falcon Adversary Overwatch exposes threats targeting network edge devices—firewalls, routers, and infrastructure traditional security tools can’t see. Watch the demo to see how CrowdStrike detects OPERATOR PANDA in real time and stops edge-driven intrusions that quickly turn into credential theft and identity abuse before they escalate.
View Video
Snyk

How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware

Feb 10, 2026 By Liran Tal In Snyk
You ask your OpenClaw agent to "check my Gmail." It replies, "I need to install the Google Services Action skill first. Shall I proceed?" You say yes. The agent downloads the skill from ClawHub. It reads the instructions. Then, it pauses. "This skill requires the 'openclaw-core' utility to function," the agent reports, displaying a helpful download link from the skill's README. "Please run this installer to continue." You copy the command. You paste it into your terminal. You have just been compromised.
Read Post
levelblue

LevelBlue SpiderLabs: Breaking Down the Ransomware Groups Targeting the Education Sector

Feb 10, 2026 By LevelBlue In LevelBlue
Ransomware attack groups have ramped up their efforts, launching attacks on the education sector with recent incidents striking a range of targets from an Australian institution of higher learning to a school district in North Carolina. These facilities contain a large amount of very valuable data, such as student records, intellectual property, and financial information that threat groups can leverage for financial gain. An additional reason education is targeted is that it must stay in operation.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.