Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

memcyco

How SOC Teams Operationalize Real-Time Defense Against Credential Replay Attacks

Oct 3, 2025 By Riley MacCausland In Memcyco
Credential replay remains one of the most efficient ways attackers turn stolen usernames, passwords, or tokens into real account access. Verizon’s 2024 DBIR shows that over 40% of breaches involve stolen credentials, underscoring the durability of this tactic. Even strong authentication is not immune. Techniques like pass-the-cookie and adversary-in-the-middle phishing allow attackers to replay tokens and sidestep MFA.
Read Post
protecto

The Hidden Data Compliance Risk in AI Agents at Financial Institutions

Oct 3, 2025 By Anwita In Protecto
Artificial intelligence is reshaping financial services, from fraud detection to personalized banking assistants. But with innovation comes risk. AI agents—particularly those powered by large language models (LLMs)—are increasingly being embedded into financial workflows. While they promise efficiency, they also introduce a new layer of data compliance challenges.
Read Post
Internxt

Internxt Achieves ISO 27001 Compliance

Oct 3, 2025 By Internxt In Internxt
Internxt has always placed privacy and security at the core of everything we do. Today, we are proud to announce that we have successfully achieved ISO/IEC 27001:2022 compliance, a globally recognized standard for information security management. This milestone reflects our unwavering commitment to protecting our users’ data through rigorous security practices and independant audits.
Read Post

Inside Protecto: The Technology Powering Context Security for AI

Oct 3, 2025 By Protecto In Protecto
In this video, we take you under the hood of Protecto’s technology stack and show how it powers context-aware security for AI—while hiding the complexity behind simple APIs. At the core are two intelligence layers: You’ll also see how Protecto’s DeepSight engine, entropy-based tokenization, secure vault, and inference-level APIs deliver enterprise-scale security, compliance, and auditability. Protecto enables enterprises to safely unlock their data for GenAI, copilots, and Agentic workflows — without leaks, oversharing, or loss of AI capability.
View Video
vanta

8 fundamental AI security best practices for teams in 2025

Oct 3, 2025 By Vanta In Vanta
Organizations worldwide are increasingly developing or implementing AI-powered tools to streamline operations and scale efficiently. However, the benefits come with unpredictable risks unique to AI that need to be mitigated with the right safeguards. ‍ One of the biggest AI security challenges is the lack of formalized oversight. According to Vanta’s State of Trust Report, only 36% of organizations have AI-informed security policies in place or are in the process of building them.
Read Post
Trustwave

Notepad++ DLL Hijacking (CVE-2025-56383): CVSS 8.4 or CVSS 0.0?

Oct 3, 2025 By Trustwave In Trustwave
A vulnerability on a popular source-code editor has been recently released along with a proof-of-concept (POC) exploit, but the security community isn’t so sure that it’s a legitimate flaw. In this article, we look at CVE-2025-56383, discuss what developers are saying in the wild, and provide our experts’ take on the issue.
Read Post
upguard

Salesforce Extortion Accelerates With New Leak Site

Oct 3, 2025 By Greg Pollock In UpGuard
For months now, journalists and cybersecurity experts, including UpGuard, have been following the movements of the hacker collective “Scattered Lapsus$ Hunters,” a sort of supergroup of the already well-known cybercriminal entities ShinyHunters, Scattered Spider and Lapsus$. Now, this collective has launched a website where they can extort payment from entities in return for delisting and deleting their data.
Read Post
upguard

6 Ways to Make Your Risk Assessments Land With Stakeholders

Oct 3, 2025 By Shane Moosa In UpGuard
As businesses expand, so do their lists of third-party vendors—and with them, the number of risk factors and complexity. This increase means that security analysts are often overwhelmed by a growing number of vendor risk assessments. However, completing an assessment alone isn’t enough; its value depends on how effectively the results are communicated.
Read Post
indusface

Penetration Testing Metrics That Matter

Oct 3, 2025 By Vinugayathri Chinnasamy In Indusface
Running a penetration test is only half the battle. The real challenge is translating complex technical findings into insights that leadership can act on. The right metrics do not just highlight vulnerabilities; they tell a story about risk, resilience, and readiness. In this guide, we explore the penetration testing metrics that truly matter and how to present them in a way that resonates with decision-makers.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.