How to detect React2Shell attacks using network-based threat hunting

Dec 16, 2025 By Corelight In Corelight
How do you find React2Shell vulnerabilities or detect React2Shell attacks in real environments? In this video, Corelight cloud security researcher David Burkett walks through how to threat hunt React2Shell by focusing on post-exploitation behavior at the network level. Instead of relying on exploit signatures, the approach uses application baselining and network traffic analysis to identify abnormal behavior.
View Video
datadog

Troubleshooting Cilium network policies: Four common pitfalls

Dec 16, 2025 By Mallory Mooney In Datadog
Cilium network policies (CNPs) extend Kubernetes’ L3/L4 controls to the application layer (L7). CNPs provide teams with advanced networking capabilities, but they can also introduce new ways for connectivity to fail, especially in environments running thousands of workloads. Many of these issues stem from differences in how Kubernetes and Cilium interpret the same concepts, such as label scoping, IP-based rules, service identities, and how default-deny behavior is applied.
Read Post
Arctic Wolf

New Attack Technique "ConsentFix" Hijacks OAuth Consent Grants

Dec 16, 2025 By Andres Ramos In Arctic Wolf
On December 11, 2025, Push Security published research detailing a newly observed browser-based phishing technique called ConsentFix. The name ConsentFix is derived from its similarity to the previously documented ClickFix technique using fake CAPTCHA pages. ConsentFix, enables threat actors to gain cloud account access without capturing passwords, multifactor authentication (MFA) codes, or other credentials by abusing legitimate OAuth authentication and consent flows.
Read Post

Phish No More: Instant Defense with Cato SASE

Dec 16, 2025 By Cato Networks In Cato Networks
Phishing remains one of the most common ways attackers try to breach enterprise environments. Traditional tools often detect these attempts too late, giving attackers time to gain a foothold. In this demo, you’ll see how the Cato SASE Cloud Platform stops phishing attempts in real time. Cato inspects every click, evaluates threats instantly, and blocks malicious sites before they load, without slowing users down.
View Video
ThreatQuotient

From compliance to culture: An MSP's guide to driving real security awareness with threat intelligence

Dec 16, 2025 By ThreatQuotient In ThreatQuotient
In times of geopolitical and economic instability, no organization would consider running without backups, additional support, clear end goals, and company-wide communication. Within business, the wisdom of strength in numbers and power in unity is widely understood. However, when it comes to its cybersecurity, a critical pillar that reputation, safety, and resilience rely upon, the opposite often happens.
Read Post
Arctic Wolf

How To Reduce Risk This Holiday Season

Dec 16, 2025 By Adam Marrè In Arctic Wolf
The holiday season is traditionally a period of goodwill, gift giving, and time with loved ones, but if you are responsible for your enterprise’s cyber defenses it’s also a time when you should have a heightened awareness of cyber risk. Cybercriminals often treat this time of year as a prime opportunity to exploit the unprepared and unwary.
Read Post

FAIK Everything: The Deepfake Training Playbook

Dec 16, 2025 By KnowBe4 | Human Risk Management In KnowBe4
Learn how to understand, combat, and even create synthetic media in this essential deepfake training session with Perry Carpenter, KnowBe4's Chief Human Risk Management Strategist. Deepfakes and synthetic media are no longer futuristic threats—they are here now, and organizations are already experiencing deepfake-related attacks. A May 2024 study showed that 25.9% of organizations have experienced deepfake-related attacks, with other indicators suggesting the number may be closer to 90%. It is high time to prepare people to deal with this evolving threat.
View Video
Hidden Costs That Eat Your AWS Credits Faster Than You Expect

Hidden Costs That Eat Your AWS Credits Faster Than You Expect

Dec 16, 2025 By SecuritySenses In SecuritySenses
You finally land a big pile of AWS credits. Maybe $10,000 from AWS, or even close to $100,000 through a startup program. It feels like someone gave you an unlimited cloud card. For a few weeks, life is good. You launch new services, spin up bigger instances, create extra test environments, and nobody worries about the bill. Then one morning you open the AWS console and see this: credits almost gone, real charges starting next month.
Read Post
What Is a Prop Firm and How Technology Ensures Secure Trading

What Is a Prop Firm and How Technology Ensures Secure Trading

Dec 16, 2025 By SecuritySenses In SecuritySenses
In today's fast-paced financial markets, professional trading has evolved significantly, thanks to the rise of proprietary trading firms, commonly known as prop firms. These firms provide traders with the capital and resources necessary to trade financial instruments without risking their own money. But beyond the financial mechanics, technology plays a critical role in ensuring that trading within prop firms is secure, efficient, and transparent. This article explores what is a prop firm and the technological safeguards that protect both traders and firms in the digital era.
Read Post
Transforming Office Communications with Corporate Digital Signage

Transforming Office Communications with Corporate Digital Signage

Dec 16, 2025 By SecuritySenses In SecuritySenses
In the modern workplace, the ability to communicate effectively with staff and visitors is paramount. Increasingly, businesses are turning to corporate digital signage systems as a solution. These systems offer dynamic and engaging ways to convey information, streamline communication, and enhance the overall environment within an office.
Read Post
Subscribe to Security

Copyright © 2026 OpsMatters™. All rights reserved.