Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CalCom

Russian Hackers Exploit MFA protocols and Print Spooler "PrintNightmare" vulnerability

Mar 20, 2022 By John Gates In CalCom
A joint Cybersecurity Advisory (CSA) was issued by the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) recently warning organizations about a Russian state-sponsored cyber-attack. The cyber actors ran arbitrary code using system privileges by exploiting a Windows Print Spooler vulnerability, “PrintNightmare.”
Read Post
tripwire

EPP/EDR: What Is It and How Can It Help to Keep Your Organization Safe?

Mar 20, 2022 By Phil Labas In Tripwire

Endpoint devices played a big part in malware and ransomware attacks in 2021. According to a study covered by Help Net Security, security researchers detected more malware and ransomware endpoint infections in the first nine months of the year than they did for all of 2020. Attack scripts leveraging PowerSploit, Cobalt Strike, and other tools were particularly prevalent in that nine-month period, having grown 10% over the previous year after having already climbed 666% compared to 2019.

Read Post
tripwire

How to Combat Asset Blindness in OT Security

Mar 20, 2022 By Tripwire Guest Authors In Tripwire

One of the main challenges of OT security is the problem of compatibility. OT components often differ significantly from each other in terms of age and sophistication as well as software and communication protocols. This complicates asset discovery and makes it difficult to establish a consistent cybersecurity governance approach. Combating asset blindness in OT security begins with taking account of these differences.

Read Post

How Firewall Security Assessment Services Can Protect Your Data | Cyphere

Mar 19, 2022 By Cyphere In Cyphere
In this video, I will walk you through how a firewall security assessment service can protect your data. A firewall is the first line of defence for any company's cyber-security and is often overlooked by IT departments who are tasked with protecting these companies from hackers. A security assessment is a proactive measure that can help identify potential vulnerabilities before they're exploited in an attack.
View Video

Balancing Security and Agility While Scaling Your Company with Michael Coates

Mar 19, 2022 By Teleport In Teleport
Fast-growth companies are some of the richest targets for hackers because that’s where the user data is. How do you balance the security you need to protect your customers/users with the agility you need to build a business? This talk provides practical tips drawn from Michael Coates' experience as CISO of an iconic brand with hundreds of millions of users. The talk will also explore current threats, data breaches, and the new reality of risk to identify what security controls are actually needed for enterprises that are moving fast, leaning into new technology, and want effective security defenses.
View Video
snyk

node-ipc sabotages JavaScript developers

Mar 18, 2022 By Snyk In Snyk
On March 15, in an apparent act of protest against the Ukraine crisis, a supply chain attack was created which affects users of the popular JavaScript front-end development framework Vue.js and the Unity Hub. The attack creates a file with an antiwar message and introduces security vulnerabilities, with an earlier version corrupting user files on machines with Russian and Belorussian geolocations, replacing characters with heart emoji.
Read Post
ioncube24

Weekly Cyber Security News 18/03/2022

Mar 18, 2022 By Kevin In ionCube24

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. So many wonderful items to report on this week but limiting to three was a challenge. The first is a bizarre instance of a device literally talking to it’s self. Hilarious. Unless of course you end up with a massive bill for things you didn’t order…

Read Post
armo

NSA & CISA Kubernetes Hardening Guide - what is new with version 1.1

Mar 18, 2022 By Leonid Sandler In ARMO
In March 2022, NSA & CISA has issued a new version of the Kubernetes Hardening Guide – version 1.1. It updates the previous version that was released in August 2021. Kubernetes evolves fast, and Kubernetes adoption grows even quicker. Kubernetes has become a very popular target and therefore requires continuous enhancement of the protection measures.
Read Post
teleport

How to Stop Container Escape and Prevent Privilege Escalation

Mar 18, 2022 By Sadequl Hussain In Teleport

Container escape is a security risk in which malicious players can leverage a containerized application’s vulnerabilities to breach its isolation boundary, gaining access to the host system’s resources. Once an attacker accesses the host system, they can escalate their privilege to access other containers running in the machine or run harmful code on the host. Depending on how vulnerable the host is, the actor could also access other hosts in the network.

Read Post
egnyte

6 Reasons Cyber Insurance Prices Are on the Rise

Mar 18, 2022 By Neil Jones In Egnyte

What’s happening today in the cyber insurance market is comparable to what happens to property insurance in a region that experiences a major hurricane or devastating flood. Not only are your company’s premiums increasing; oftentimes, insurers are scrutinizing your overall risk preparedness as part of their renewal process. In the first part of this two-part series, we’ll examine why cybersecurity insurance premiums have skyrocketed.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.