Ep 4. ToolShell in the Wild: SharePoint Zero-Day CVE-2025-53770 Explained

Dec 5, 2025 By SafeBreach In SafeBreach
In this special episode, host Tova Dvorin sits down with SafeBreach experts Adrian Culley and Tomer Bar to unpack CVE-2025-53770 — a zero-day deserialization flaw in Microsoft SharePoint Server that enables unauthenticated remote code execution and long-term persistence. This isn’t theoretical. It’s actively exploited and tied to the evolving ToolShell attack chain. Here’s what you’ll hear in this episode.
View Video
acronis

Dharma (CrySiS) Ransomware: Technical Analysis, Context and Mitigation

Dec 5, 2025 By Acronis In Acronis
Dharma, also known as CrySiS, is a long running ransomware family first observed in 2016. It operates as ransomware as a service, where developers lease the malware to affiliates who deploy it. A variant discovered in March 2021 appends the ".biden" extension to encrypted files. This article provides a technical analysis of Dharma, outlines its infection vector, describes its encryption workflow, and offers guidance for mitigation.
Read Post

Ep 3. Palo Alto Networks Research and AI Generated Attacks

Dec 5, 2025 By SafeBreach In SafeBreach
AI isn’t just changing cyber defense—it’s transforming how attacks happen. In this episode, Tova Dvorin sits down with Tomer Bar and Shelly Zucker from SafeBreach to explore how AI-powered threats are reshaping the battlefield. Hear about: If you’re in cybersecurity, risk, or IT, this is your must-listen guide to preparing for the AI-enabled threat era.
View Video

Keeper 101: KeeperAI Threat Detection for Privileged Sessions

Dec 5, 2025 By Keeper Security In Keeper
In today's threat landscape, a single compromised privileged session can mean the difference between routine administration and a catastrophic breach. Organizations currently have no automated way to monitor user session recordings for security threats. Teams are forced to manually sift through enormous volumes of session data – including keystrokes, commands, and screenshots, which is slow, inefficient and error-prone.
View Video
acronis

Why Acronis validation for Ignition is critical for OT resilience

Dec 5, 2025 By Lee Pender In Acronis
Technology failures are inevitable in operational technology (OT) environments. While prevention is essential, the ability to recover quickly is what ultimately protects operations. When OT systems fail, production stops and the costs of reduced production, missed deliveries and possible regulatory problems immediately begin to accumulate. Manufacturers, utilities and industrial operators need to be able to get systems up and running again as rapidly as possible after an incident.
Read Post

A Deep Dive Into ggshield, The GitGuardian CLI

Dec 5, 2025 By GitGuardian In GitGuardian
In this in-depth walkthrough, we will show you how to turn ggshield, the GitGuardian CLI, into a practical guardrail for keeping secrets out of your code and CI pipelines. You’ll see exactly how to install and authenticate ggshield, then use it to scan repositories, local paths, archives, Docker images, PyPI packages, and CI environments for hardcoded credentials. We’ll also walk through configuring Git hooks with ggshield install.
View Video
nucleus

Automating SLAs in Risk-Based Vulnerability Management: Turning Deadlines into Results

Dec 5, 2025 By Aaron Attarzadeh In Nucleus
Many organizations set remediation SLAs, but static severity-based timelines and manual tracking prevent them from meeting those deadlines in a way that meaningfully reduces risk. This article outlines how automated, risk-based SLAs connect timelines to real exploitability, exposure, and asset value, turning deadlines into reliable, measurable outcomes. Key takeaways from this article.
Read Post
Subscribe to Security

Copyright © 2026 OpsMatters™. All rights reserved.