Security

OAuth security gaps at Booking.com (now remediated)

This short video explains how Salt Labs researchers identified several critical security flaws on the popular travel site Booking.com. The flaws were found in the site's authentication functionality and could have allowed a malicious attacker to take over user accounts, access profile information, and take actions on behalf of the user such as booking or canceling reservations and ordering transportation services.

How to Comply with Australia's CIRMP Rules

The Australian Cyber and Infrastructure Security Centre (CISC) recently announced that the Critical Infrastructure Risk Management Program (CIRMP) obligation had entered into effect. The Minister for Home Affairs, the Hon Clare O’Neil, signed the CIRMP Rules as the final part (Section 61) of the Security of Critical Infrastructure Act 2018 (SOCI Act) on 17 February 2023, effective immediately.

8 Common Cybersecurity issues when purchasing real estate online: and how to handle them

More and more, people are completing the entire real estate transaction process online. From searching for properties to signing documents, online convenience can make the process easier and more efficient. However, with all of this activity taking place on the internet, it is important to be aware of the potential security risks that come along with it.

The Ultimate Cybersecurity Guide for Healthcare in 2023

Nearly 93% of healthcare organizations experienced a data breach in the last three years, and most of these events could have been avoided with basic cybersecurity practices. To help healthcare entities mitigate cybersecurity risks and increase their data breach resilience, we’ve created a comprehensive healthcare cybersecurity guide optimized for the biggest security threats in the industry.

Snyk in 30: Developer-first security democast

In our latest Snyk in 30 democast, I demonstrated working on an app, starting in an IDE and going all the way to the live app deployed in the cloud. Along the way, I showed how Snyk fits into the tools a real developer might use. Specifically, I focused on the practical aspects of implementing Snyk in a real-world development and cloud environment, answering questions like: I’ll cover some of the main highlights from the presentation in this blog post.

The hazards of not using just-in-time (JIT) privileged access in Active Directory

Active Directory (AD) is the foundation of managing identities, provisioning users and issuing permissions to network resources. These permissions range from the lowest levels of access to the highest levels of admin rights for privileged users. While having control over these permission levels is useful, organizations can open themselves up to serious vulnerabilities if they don’t manage the permission levels carefully.

XDR: what is it, how does it work and how do MSPs use it?

We have been talking about eXtended Detection and Response (XDR) for some years now, but despite being a buzzword in the industry, a fundamental question remains: what are we really talking about here? According to Gartner, which first defined the term in 2020, XDR is a vendor-specific threat detection and incident response tool that natively integrates multiple security products into a cohesive security operations system.