Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Friday Flows Episode 27: Disabling AWS User from Hunters Alert with Jira Prompt

Jul 17, 2024 By Tines In Tines
We're excited to bring you another workflow from the Tines library and to introduce your new Friday Flows host Cameron Higgs! The legendary Blake Coolidge is handing over the reins for a season but he'll be back on your screens before too long. In this episode, Conor Dunne walks Cameron through a workflow that pulls leads related to the Amazon Web Services (AWS) environment flagged by Hunters and searches for users with unauthorized permissions.
View Video

Introducing Teleport VNet

Jul 17, 2024 By Teleport In Teleport
Simplify Secure Access with Teleport VNet! Discover how Teleport VNet revolutionizes connecting to TCP applications through Teleport. This video guide walks you through: What is VNet and how it works Setting up VNet on macOS using Teleport Connect Connecting to TCP apps seamlessly Using VNet with tsh command-line tool Troubleshooting tips and best practices Learn how VNet automatically proxies connections, enhancing security without compromising ease of use. Perfect for DevOps, sysadmins, and anyone working with remote TCP applications.
View Video
knowbe4

New Ransomware Threat Group Calls Attack Victims to Ensure Payments

Jul 17, 2024 By Stu Sjouwerman In KnowBe4
Analysis of new ransomware group Volcano Demon provides a detailed look into how and why calling victims ups the chances of ransomware payment. Security researchers at Halcyon have uncovered a new ransomware threat group that initially follows traditional methods – harvesting admin credentials, data exfiltrated to a C2 server, logs cleared and data was encrypted using LukaLocker. However, Volcano Demon attacks take a different direction in the extortion phase.
Read Post
Trustwave

6 Steps on How to Respond to a Data Breach Before it Ruins Your Business

Jul 17, 2024 By Trustwave In Trustwave
Too many consumers have awoken one morning to find messages from a retailer or their bank detailing purchases made through their account of which they were unaware. While the realization that they have been hacked will cause some well-deserved panic for the account holder, it usually only takes a few phone calls to cancel purchases, change a password, and cancel a credit card to put a stop to the problem.
Read Post
datadog

Detect SSRF attacks in cloud applications and APIs

Jul 17, 2024 By Mallory Mooney In Datadog
APIs can be vulnerable to a wide variety of attacks, such as poor inventory management and access controls, making them a primary target for attackers. Server-side request forgery (SSRF) is one type of attack that has become more prominent with the rising use of public clouds. This is primarily due to new development practices like using Instance Metadata Services (IMDS) to access valuable information about deployed instances, such as credentials.
Read Post

Everything to prepare for the 90-day SSL/TLS certificate validity proposal

Jul 17, 2024 By ManageEngine In ManageEngine
In a recent proposal, Google has expressed its intention to reduce the validity of SSL/TLS certificates to 90 days, a reduction from the current validity of 398 days. The move is focused on ensuring faster security updates, improving adoption of newer cryptographic standards, and eliminating the reliance on imperfect revocation systems. While this move promises several security benefits, without a proper certificate life cycle management (CLM) solution in place, enterprises will face operational nightmares when the proposal becomes a mandate. Is your business ready for this change?
View Video

Copyright © 2026 OpsMatters™. All rights reserved.