
Cybercriminals Use Telegram Bots to Exfiltrate Data In Phishing Kit Campaign

KnowBe4 ThreatLabs has identified and analyzed a sophisticated cross-platform phishing campaign that utilizes Telegram as its primary exfiltration channel. The campaign uses a combination of security-themed phishing emails, branded phishing websites to harvest credentials, and Telegram bots to exfiltrate data.

May 12, 2025 Cyber Threat Intelligence Briefing

This week’s briefing covers:

Software Supply Chain Attack on Golang Leads to Wiper Malware: A supply-chain attack has been discovered that targeted Linux servers through malicious Golang modules, posted on GitHub, that mimic legitimate modules.

Continued Exploitation of Critical SAP NetWeaver Vulnerability: Further to Kroll’s reporting in previous weeks regarding active exploitation of CVE-2025-31324, a critical vulnerability that allows a threat actor to execute code remotely.

External Attack Surface Management Promised Visibility - But Did It Deliver?

External Attack Surface Management (EASM) emerged with a bold promise: to illuminate the dark corners of an organization’s internet-facing infrastructure. It was sold as a panacea for “you don’t know what you don’t know,” offering security leaders the ability to see everything attackers could see. The expectation was straightforward—feed the EASM solution a few IP ranges or domains, and it would map your exposed assets, vulnerabilities, and risks.

Difference Between Fidelis' Deep Session Inspection and Traditional Deep Packet Inspection (DPI)

Deep Packet Inspection (DPI) was once the go-to method for monitoring network traffic, but it now struggles to detect today’s evasive, multi-stage cyberattacks that are spread across multiple channels and hidden deep within payloads. Fragmented visibility, surface-level scanning, and a lack of contextual understanding mean that malicious activity often slips through unnoticed, putting security teams constantly on the back foot.

Context Rich Metadata: Best Practices and Techniques for Enhanced Data Analysis

Are you struggling to make sense of your data files and ensure compliance with ever-changing regulations? Context rich metadata is your solution. By revealing detailed insights like creation dates, modification times, and access history, it not only boosts data analysis but also strengthens governance and compliance. Dive into this article to discover how to effectively implement and manage context rich metadata for enhanced data security and compliance.

RSA Conference 2025: Four Days that Re-Energized My Faith That We Are Making Progress

Walking into Moscone South on Monday morning I felt the familiar RSA buzz—thousands of badges, coffee lines that never end, and animated hallway debates about whether AI will save or sink us. This year the conversations were richer than ever. I was thankful that “Secure by Design” is still gaining traction, and many sessions—whether about agentic AI, new software liability proposals, or the talent crisis—took the need for secure software as a given.

Navigating the World of Patching: Why Legacy Security Architectures Keep You Exposed

A recent blog from a leading security vendor highlights what most security teams already know: attackers don’t need zero-days to win. They exploit known vulnerabilities, “N-days”, because they know how hard it is for organizations to keep up with patching. The irony? That same vendor, like many others, ships and supports a vast portfolio of products, each with its own CVEs, patches, and advisories.

Continuous Threat Exposure Management (CTEM)

Continuous threat exposure management (CTEM) is a structured framework for continuously assessing, prioritizing, validating, and remediating exposures across an organization’s attack surface, so that the most pressing threats are addressed first even as that surface keeps expanding. Reactive security is a temporary fix, not a sustainable solution.