Ep 4: Stop writing dumb AI security policies: use threat models, not fear

Aug 5, 2025 By Sumo Logic, Inc. In Sumo Logic
AI policy is not a yes/no question. Security isn’t here to be the morality police. Our job is to enable the business safely. Join security experts Adam White and David Girvin as they chat about the importance of using threat models, a simple framework, and five policy areas you are probably ignoring.
View Video
Content Marketing Is the Key to Sustainable Business Growth

Content Marketing Is the Key to Sustainable Business Growth

Aug 5, 2025 By SecuritySenses In SecuritySenses
Content marketing is no longer just a buzzword; it has become a core business strategy. As consumer behavior shifts and digital platforms continue to evolve, brands must find authentic ways to connect with their audiences. Instead of relying solely on hard-sell tactics, content marketing offers valuable information that meets the needs of potential customers. This approach helps build trust, strengthen brand authority, and promote long-term engagement. For companies focused on scaling, content becomes more than just a tactic; it serves as the engine behind sustainable growth.
Read Post
opensslconference

Early Bird Registration Now Open for The Inaugural OpenSSL Conference 2025

Aug 4, 2025 By OpenSSLConference
Early Bird registration is now available for the inaugural OpenSSL Conference, scheduled for October 7-9, 2025, in Prague. The event will bring together leading voices in cryptography, secure systems, and open-source infrastructure. Early registrants can save up to $240 per ticket.
Read Post
squarex

SquareX Researchers Reaffirms their Browser Security Thought Leadership with Multiple Vulnerability Disclosures in Key Black Hat and DEF CON 33 Talks

Aug 4, 2025 By SquareX
SquareX will be disclosing multiple key research findings at Black Hat USA and DEF CON 2025 this August. Through multiple talks, the researchers will be revealing critical architectural vulnerabilities in passkey authentication systems, enterprise DLP and browser extensions.
Read Post
knowbe4

If You Think Social Engineering Is Bad, It's Going To Get Worse

Aug 4, 2025 By Roger Grimes In KnowBe4
There is no other way to say it clearer, social engineering is going to be a lot, lot worse soon and far more successful than it is today. And that’s saying a lot. It’s already pretty bad. As I’ve been touting for over 20 years…in hundreds of articles…social engineering is involved in more successful data breaches than any other single hacker method.
Read Post

Requesting Secure Just-in-Time Access with Apono for Slack

Aug 4, 2025 By Apono In Apono
Apono’s Slack integration lets engineers request scoped, least‑privilege JIT access right from Slack—no tickets, no context switching. You’ll see how it creates and tears down access roles automatically while logging every action, so your team stays productive and compliant without sacrificing security. Ready to eliminate standing privileges? Try Apono with Slack today.
View Video
knowbe4

How Hackers Exploit Microsoft Teams in Social Engineering Attacks

Aug 4, 2025 By KnowBe4 Team In KnowBe4
Attackers are using Microsoft Teams calls to trick users into installing the Matanbuchus malware loader, which frequently precedes ransomware deployment, according to researchers at Morphisec. Matanbuchus is a malware-as-a-service offering that allows threat actors to install additional payloads onto infected Windows systems. “Over the past nine months, Matanbuchus has been used in highly targeted campaigns that have potentially led to ransomware compromises,” Morphisec says.
Read Post
cato networks

Cato CTRL Threat Research: New Streamlit Vulnerability Enables Cloud Account Takeover Attack and Stock Market Dashboard Tampering

Aug 4, 2025 By Yuval Moravchick In Cato Networks
Imagine financial analysts watching stock prices suddenly drop. Dashboards show misaligned data, market confidence disappears, and trading screens across the NASDAQ turn red. But this time, the disruption isn’t caused by politics or economic shifts. It starts with a cyberattack. We reveal how a simple and overlooked flaw in Streamlit’s file upload feature, part of a widely used open-source framework for building stock market dashboards, could be used to cause this kind of financial chaos.
Read Post
Snyk

Secure at Inception: Introducing New Tools for Securing AI-Native Development

Aug 4, 2025 By Daniel Berman In Snyk
At Snyk, we believe you should never have to choose between speed and security. As the age of AI transforms software development, our goal is to extend our developer-first security approach to this new era, providing the essential tools your teams need to build with confidence. Today at Black Hat, we are delivering on that vision with three tangible innovations that offer a comprehensive solution to secure the entire code lifecycle with AI.
Read Post
Subscribe to Security

Copyright © 2026 OpsMatters™. All rights reserved.