Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

sumologic

Hunt for cloud session anomalies with Cloud SIEM

Mar 26, 2024 By Anton Ovrutsky In Sumo Logic
In today’s cloud-native world, systems are usually accessed by users from multiple devices and in various geographic locations. Anyone who has tried to operationalize an impossible travel type alert for cloud resources will understand the myriad nuances and gotchas involved in such an endeavor. A user may be accessing a cloud resource from a mobile device that is tied to a carrier network well away from their normal geographic location.
Read Post
Trustwave

Agent Tesla's New Ride: The Rise of a Novel Loader

Mar 26, 2024 By Trustwave In Trustwave
Malware loaders, critical for deploying malware, enable threat actors to deliver and execute malicious payloads, facilitating criminal activities like data theft and ransomware. Utilizing advanced evasion techniques, loaders bypass security measures and exploit various distribution channels for extensive impact, threat groups enhance their ability to download and execute various malware types as demonstrated by Smoke Loader and GuLoader, highlighting their role in extensive malware distribution.
Read Post
knowbe4

It's Official: Cyber Insurance is No Longer Seen as a 'Safety Net'

Mar 26, 2024 By Stu Sjouwerman In KnowBe4
A new report on the state of email security sheds some light on how organizations are viewing and approaching cyber insurance as they shift strategy toward being cyber resilient. The topic of cyber insurance has been covered quite a bit here on this blog. From when cyber insurance first began as a concept, to the challenges it poses for organizations looking as their last resort after an attack, to changes in insurance policy and law.
Read Post
cyberark

Enterprise Browsers Need to Secure Identities Without Compromise

Mar 26, 2024 By Gil Rapaport In CyberArk
Now is the time. It’s been over 30 years since the introduction of the first web browser. Since then, the browser has evolved into an application that allows us to stream entertainment, work and interact through social media. It’s the most widely used application among consumers … and now the enterprise. Unfortunately, there’s little separation between work and personal life when you use a browser designed for consumer use.
Read Post
veracode

Resolving Simple Cross-Site Scripting Flaws with Veracode Fix

Mar 26, 2024 By Robert Haynes In Veracode
In the last blog on fixing vulnerabilities with Veracode Fix, we looked at SQL Injection remediation in a Java application. Since then, we have released Fix support for Python (and PHP) and launched a new VS Code plugin that includes support for Fix. It seems appropriate, therefore, to look at resolving a problem in a Python app using Veracode Fix in the VS Code IDE. This time let’s examine a simple cross-site scripting (XSS) weakness.
Read Post
jfrog

NPM Manifest Confusion: Six Months Later

Mar 26, 2024 By Andrey Polkovnichenko In JFrog
Several months ago, Darcy Clarke, a former Staff Engineering Manager at GitHub, discovered the “Manifest Confusion” bug in the npm ecosystem. The bug was caused by the npm registry not validating whether the manifest file contained in the tarball (package.json) matches the manifest data published to the npm server. Clarke claims this to be a large threat, allowing malicious actors to deceive developers and hide harmful code from detection.
Read Post
graylog

Selecting SIEM Tools - Questions to Consider

Mar 26, 2024 By Graylog Security In Graylog
So, you’ve done your homework. You’ve clearly defined business requirements, and you think you want to implement a Security Information and Event Management (SIEM) solution into your organization. Cloud migration and remote work have changed the way threat actors attack, and it feels like every day you read about a new methodology. While a lot of companies added a SIEM to their cybersecurity technology stack, you’re not sure whether you can afford one.
Read Post

The 443 Podcast - Episode 283 - Trucking Worms

Mar 26, 2024 By WatchGuard In WatchGuard
This week on the podcast we discuss a vulnerability in required commercial truck hardware that could enable an automatically propagating worm across the entire US. Before that, we cover Apple's "un-patchable" vulnerability in their M-series processors as well as a vulnerability that could let attackers unlock hotel room doors at will. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
View Video

Unraveling Cyber Intrigue: Decoding the Complexities of State-Sponsored Hacking Groups

Mar 26, 2024 By Razorthorn In Razorthorn
Join us as we uncover the intricate web of state-sponsored hacking groups and the hidden motivations driving their actions. Explore insights from recent revelations, including examples from China dating back to 2012-2013, where various government agencies sponsored competing hacking groups. In this eye-opening discussion, we delve into the financial motivations behind these operations and shed light on the key players pulling the strings. From government agencies vying for dominance to clandestine funding sources, the landscape of cyber intrigue is more complex than meets the eye.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.