Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Risk Management

trustcloud

Risk Registers: The Ultimate Guide with Examples & Template

Jun 9, 2023 By Mimi Pham In TrustCloud

Effectively utilizing a risk register allows your organization to anticipate and overcome challenges with confidence. No GRC program is failproof, which is why it’s so critical to take a thorough look at potential risks and remediations. To make sure you’re starting on the right foot, we’ve provided a free, downloadable risk register template you can use once you have a better understanding of what it does.

Read Post
kovrr

MOVEit File Transfer Zero-day Compromises Multiple Organizations

Jun 8, 2023 By Kovrr In Kovrr
An attack exploiting CVE-2023-34362, a zero-day vulnerability in the MOVEit file transfer software, was disclosed at the start of June, with additional victims still being uncovered. The vulnerability is an SQL injection vulnerability that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. The attack was carried out by at least one threat who gained unauthorized access to the software and stole sensitive data from affected organizations.
Read Post

UpGuard Summit May 2023 - Panel Discussion

Jun 8, 2023 By UpGuard In UpGuard
Join Zindzi Speede, our Technical Customer Success Manager, as she and a panel of cyber security experts delve into topics such as best practices, compliance, and the implications of AI on cyber security. Guests Jacques Van Zyl - Cyber Security Analyst at Youi Insurance Alen Zenicanin - Information Security Officer at Law in Order Michael Viney - Head of IT at Square Peg Capital.
View Video
SecurityScorecard

Forbes Media Publishes Industry's First List of America's Most Cybersecure Companies

Jun 8, 2023 By SecurityScorecard In SecurityScorecard

In a climate where companies largely gain attention only when something negative happens, it’s time to celebrate and recognize the companies who are best in class when it comes to cybersecurity. That’s why we applaud Forbes’ decision to produce the industry’s first list of America’s Most Cybersecure Companies. These companies illuminate how cybersecurity is being taken seriously as a core business issue.

Read Post
riscosity

ChatGPT and Software Supply Chain Risks

Jun 8, 2023 By Security Guest Expert In Riscosity

While some of the obvious misuse of ChatGPT in the world of cyber security was not unexpected – asking the artificial intelligence to write harder-to-detect malware and easier-to-convince phishing emails – a new threat has emerged that can leverage the very nature of the large language model. Ultimately, ChatGPT is a learning machine, and bases its answers on information it sources from the Internet.

Read Post
SecurityScorecard

Three Steps to Prevent a Cybersecurity Breach from MOVEit Exploit

Jun 7, 2023 By SecurityScorecard In SecurityScorecard

SecurityScorecard conducted an extensive investigation into the Zellis breach. This research revealed alarming insights about the scale and persistence of the attack. The data exfiltration was carried out in several steps: Netflow data from Zellis IP ranges indicated large outbound transfers over HTTPS, which pointed towards the presence of a web shell. Additionally, SecurityScorecard researchers detected exfiltration over SSH to known malicious IP addresses.

Read Post
Subscribe to Risk Management

Copyright © 2024 OpsMatters™. All rights reserved.