obrela

Why MDR Matters for Building Cyber Resilience in Telecoms

Dec 19, 2025 By Nik Levantis In Obrela
Telecom networks are the backbone of the digital economy. They must deliver secure, always-on connectivity at scale, supporting everything from critical national infrastructure to everyday consumer services. But cyber resilience today is no longer defined by uptime alone. It is about the ability to withstand, detect, and respond to highly targeted cyber threats that are designed to exploit the very fabric of telecom environments.
Read Post
levelblue

A Year in Review: Taking a Look Back at LevelBlue SpiderLabs' 2025 Predictions

Dec 19, 2025 By LevelBlue In LevelBlue
At this time last year, LevelBlue asked its experts to offer up some thoughts on what the coming year, 2025, would bring. So, with a year of hindsight, let’s keep ourselves honest and take a look to see what we got right and where we were a bit off. December 2025.
Read Post
indusface

Managed DDoS Protection for E-commerce: Securing Online Store Availability

Dec 19, 2025 By Vinugayathri Chinnasamy In Indusface
The digital storefront never sleeps, but in the first half of 2025, it has faced unprecedented hostility. According to the State of Application Security report 2025 Report, the threat landscape has shifted dramatically. E-commerce has become a primary target, with DDoS incidents in the retail and e-commerce sector spiking by 420%. Perhaps even more concerning is the vector of these attacks: attacks on APIs rose by 104%, with vulnerability exploitation increasing 13-fold.
Read Post

Continuous Vendor Risk Monitoring: Real-Time Cyber Risk Visibility with Bitsight

Dec 19, 2025 By Bitsight In BitSight
Gain real-time visibility into cyber risks across your entire vendor ecosystem with Bitsight Continuous Monitoring. Continuously track third- and fourth-party security performance, uncover hidden vulnerabilities, and identify high-risk changes before they impact your business. Powered by the industry’s most comprehensive cyber risk data, Bitsight helps security and GRC teams respond faster to critical threats—including zero-day vulnerabilities—while improving vendor collaboration and strengthening overall supply chain resilience.
View Video
wallarm

CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate

Dec 19, 2025 By Wallarm In Wallarm
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a practitioner’s mindset to leadership and incident response.
Read Post
Arctic Wolf

CVE-2025-20393: Threat Campaign Targeting Cisco Secure Email Gateway, Cisco Secure Email and Web Manager

Dec 19, 2025 By Julian Tuin In Arctic Wolf
On December 17, 2025, Cisco published an advisory detailing a new threat campaign identified on December 10, affecting the Cisco AsyncOS software used on Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The campaign is exploiting an unpatched zero-day vulnerability, which only affects deployments with the Spam Quarantine feature enabled. It allows threat actors to execute arbitrary commands with root privileges on affected devices. This feature is not enabled by default.
Read Post
trustcloud

Acceptable use policy template guide for powerful compliance

Dec 19, 2025 By Shweta Dhole In TrustCloud
An Acceptable Use Policy (AUP) is a strategic compliance tool that protects people, data, and systems while setting clear expectations for technology use. A well-crafted AUP turns subjective norms into measurable rules that everyone in the organization can follow, helping mitigate legal, security, and operational risk. By standardizing acceptable behavior and linking usage rules to broader governance and risk management objectives, companies create shared understanding and accountability across teams.
Read Post

How To Install ggshield on Mac, Windows, and Linux

Dec 19, 2025 By GitGuardian In GitGuardian
Install ggshield the right way for your OS and get scanning in minutes. In this video, we walk through the most common installation paths for macOS, Linux, and Windows, plus container options if that’s your workflow: macOS: install with Homebrew, or grab the standalone.pkg from the ggshield releases page (no Python required, but you’ll update manually). Linux: install via Deb/RPM packages available on Cloudsmith. Windows: install via Chocolatey, or download the standalone.zip from the releases page (no Python required, but you’ll update manually).
View Video
astra

Critical React2Shell RCE Hits React and Next.js (CVE-2025-55182 / CVE-2025-66478)

Dec 19, 2025 By Sanskriti Jain In Astra
React2Shell is a severe remote, unauthenticated RCE vulnerability recently uncovered in React Server Components (RSC) and the Next.js App Router — tracked as CVE-2025-55182, with CVE-2025-66478 later merged as a duplicate — that allows attackers to execute arbitrary code on servers by exploiting insecure Flight protocol deserialization (CWE-502), earning the flaw a maximum CVSS score of 10.0.
Read Post

AI, DDoS, and the Internet in 2025 | Cloudflare Radar Year in Review

Dec 19, 2025 By Cloudflare In Cloudflare
In this special Year in Review episode of This Week in NET, host João Tomé is joined by David Belson to break down the Cloudflare Radar 2025 Year in Review. Together, they explore what Cloudflare’s global network reveals about how the Internet evolved over the past year — from the rapid rise of AI crawlers and agent traffic, to record-breaking DDoS attacks, the spread of post-quantum encryption, and the growing impact of government-directed shutdowns and outages.
View Video
Subscribe to Security

Copyright © 2026 OpsMatters™. All rights reserved.