Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

CVE-2023-41727, CVE-2023-46220, CVE-2023-46261, and More: Multiple Critical Vulnerabilities Patched in Ivanti Avalanche

Dec 22, 2023 By Andres Ramos In Arctic Wolf
On December 20, 2023, Ivanti announced that 20 vulnerabilities in Ivanti Avalanche On-Prem were patched in the product’s latest update. Arctic Wolf has highlighted 13 of these vulnerabilities in this bulletin that were rated as critical severity and could lead to remote code execution (RCE) or Denial of Service (DoS).
Read Post
idstrong

Weekly Cybersecurity Recap December 22

Dec 22, 2023 By Steven In IDStrong

This week was devastating for data breaches. Across the US, cybercriminals stole the information of 58.4 million consumers, patients, and students. Our reports began in West Virginia, where the MOVEit breach cannibalized another 495k records from 17 hospitals. Soon after, Mr. Cooper’s breach appeared with more information about their October event—14.7 million homeowners had their data stolen.

Read Post
idstrong

Xfinity Writhes; 36 Million Records Breached via Vendor Vulnerability

Dec 22, 2023 By Steven In IDStrong

Xfinity is the name of Comcast Communications’ internet, TV, and phone service; it is the most significant cabled internet service in the states, with more than 32 million residential customers. Available in 39 contiguous states and the capital, the service provides communication solutions for individuals, companies, institutions, and clinical networks. Xfinity’s vast influence has made them a target for cybercriminals.

Read Post
keeper

What Is a Credit Card Skimmer and How Can I Spot One?

Dec 22, 2023 By Aranza Trevino In Keeper

A credit card skimmer is a device that is attached to an actual card reader by a threat actor. Skimmers are commonly used by cybercriminals at non-bank ATMs and at gas station fuel pumps. Most skimmers installed at fuel pumps are placed outside of the view of the station administrator. Threat actors use skimmers to scan the information on a victim’s debit or credit card so they can commit credit card fraud or create counterfeit cards to sell on the dark web.

Read Post
graylog

SIEM, Simplified

Dec 22, 2023 By The Graylog Team In Graylog
Do you need better insight into the overall state of your network security? Take a step back and look through the larger lens of the SIEM solution. Security information and event management (SIEM) is an approach to security management that combines two aspects: Coined in 2005 by Amrit Williams and Mark Nicolett of Gartner, the term SIEM now serves as a synonym for the gathering, analyzing, and presenting network and security information as well as external threat data and vulnerability management.
Read Post

Decoding Ransomware's Code of Conduct: Surprising Rules of Engagement & the Robin Hood Twist #crypto

Dec 22, 2023 By Razorthorn In Razorthorn
Dive into the intriguing world of cybersecurity as we explore the surprising ethical guidelines followed by ransomware groups in this eye-opening video. It's crazy, but many of these cybercriminals adhere to a set of Rules of Engagement, steering clear of unthinkable targets like children's hospitals. While some still cross the line, a remarkable instance emerged when a ransomware group, upon realizing they had hit a kids' hospital, apologized and handed over the decryptor – a Robin Hood-esque gesture in the digital realm.
View Video

GitGuardian - Your code security platform

Dec 22, 2023 By GitGuardian In GitGuardian
In an era where digital security is paramount, GitGuardian stands as your ultimate code security solution. Presented by Mackenzie Jackson, a Developer Advocate at GitGuardian, this video unveils the platform's cutting-edge features designed to bolster your software supply chain. GitGuardian is your comprehensive safeguard, exposing and protecting critical assets across your supply chain. From Secrets Detection to Infra as Code Security and the powerful Honeytoken, this platform equips you to proactively secure your code.
View Video

Check if your secrets have leaked on GitHub - Has My Secret Leaked Demo

Dec 22, 2023 By GitGuardian In GitGuardian
Since 2017 GitGuardian has been monitoring all public activity on GitHub. Now in a new product called Has My Secret Leaked you can check if your secrets on GitHub. In this video, Mackenzie runs through how to use both the web interface and CLI tool GGShield to check if your secrets have ever been exposed on GitHub, regardless of if they have since been deleted. Has My Secret Leaked is a service that will first create a secure hash of your secret locally then match it to other hashes in the GitGuardian database.
View Video

Indusface WAS URL Verification - Email Method

Dec 22, 2023 By Indusface In Indusface
URL verification on Indusface WAS via email verification link: Verifying ownership is crucial when adding a new website to Indusface WAS. You would not be allowed to scan a website without the appropriate authorization from the owner. In order to perform a URL Verification on Indusface WAS, you may use this simple email verification method and start scanning your website right away.
View Video

Indusface WAS URL Verification - Metatag Method

Dec 22, 2023 By Indusface In Indusface
Verifying ownership is crucial when adding a new website to Indusface WAS. Before conducting a vulnerability scan on your website or app, confirming ownership of the application or domain is essential to prevent unauthorized access. For URL Verification on Indusface WAS, you can use any of the below methods: Learn how to verify your URL ownership using the Meta Tag method. This method provides a secure and efficient way to gain authorization before initiating scanning activities.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.