Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Trustwave

CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution

Nov 27, 2024 By by Pauline Bolaños In Trustwave
On November 20th, 2024, Zero Day Initiative (ZDI) researchers disclosed a critical flaw in 7-Zip. This widely used open-source file archiving software enables remote actors to perform remote code execution (RCE) on vulnerable 7-Zip versions. This vulnerability was originally discovered earlier this year and was reported to 7-Zip in June 2024.
Read Post
Snyk

Why a solid DevOps foundation is vital for effective DevSecOps

Nov 27, 2024 By Ben Desjardins In Snyk
As DevOps adoption has grown, organizations are pushing code into production faster than ever. However, the fast pace of DevOps has led many developers to view security as a bottleneck or afterthought, which means security teams need a new approach to keep up.
Read Post
Trustwave

Why a Zero Trust Architecture Must Include Database Security

Nov 27, 2024 By Trustwave In Trustwave
Whether the means of a cyber-attack are phishing, ransomware, advanced persistent threat, malware, or some combination, the target is ultimately the same: your data. So, as companies seek to implement a zero-trust approach to security, they would do well to include database protection. Interest in Zero Trust is certainly high, with nearly two-thirds (63%) of organizations worldwide having implemented a zero-trust strategy, according to a recent Gartner survey. But it is hardly all-encompassing.
Read Post
knowbe4

Nearly Every Hacker Believes AI Tools Have Created a New Attack Vector

Nov 27, 2024 By Stu Sjouwerman In KnowBe4
A new survey of hackers shows that AI is not only empowering hackers to be more effective, but that AI itself is “ripe for exploitation.” Rarely do we get to ask a hacker “what do you think” when it comes to cyber attacks, cybersecurity efforts, and what they think the future will hold. But Bugcrowd’s 2024 Inside the Mind of a Hacker Report (which surveyed 1300 hackers) hosts a treasure trove of data around how hackers see AI and the value it brings.
Read Post
knowbe4

CISA Strongly Recommends Phishing-Resistant MFA

Nov 27, 2024 By Roger Grimes In KnowBe4
We are excited to see the Cybersecurity Infrastructure Security Agency (CISA) and outgoing Director Jen Easterly strongly recommend PHISHING-RESISTANT multi-factor authentication (MFA). The majority of people, including the majority of cybersecurity practitioners, do not know that most MFA…especially the most popular types used today (e.g., one-time passwords, pushed-based, SMS-based, etc.), can be as easily phished or bypassed as the passwords they were intended to replace.
Read Post
knowbe4

75% of Black Friday Spam Emails Are Scams

Nov 27, 2024 By Stu Sjouwerman In KnowBe4
Three out of four Black Friday-themed spam emails are scams, according to researchers at Bitdefender. Most of these scams are targeting users in the US and Europe. “This year, 77% of all Black Friday-themed spam (by volume) analyzed by Bitdefender’s Antispam Lab team was classified as scams, while only 22% was identified as marketing lures—emails designed to drive traffic to legitimate but overly aggressive promotions,” the researchers write.
Read Post

The Vendor's Survival Guide to Security Questionnaires | TrustTalks Ep 5 | Security and GRC Podcast

Nov 27, 2024 By TrustCloud In TrustCloud
Seeking a solution that streamlines vendor risk management and automates security questionnaires? Imagine a tool that offers a comprehensive portal, securely shares information, uses AI to handle responses, and frees up your evenings. It might sound too good to be true, but with ⁠TrustShare⁠, it’s a reality. Forget the hassle of maintaining a knowledge base or configuring tools meant for RFPs. TrustShare takes care of everything, from AI-driven responses to seamless information sharing, which leads to faster sales cycles.
View Video

What happens when you switch audit firms? | TrustTalks - Ep 4 | Security and GRC Podcast

Nov 27, 2024 By TrustCloud In TrustCloud
Switching audit firms is not just a routine decision; it’s a strategic move that can significantly impact your business’s financial health and compliance. Whether you’re dissatisfied with your current auditor’s performance, seeking specialized expertise, or looking to cut costs, making the switch can offer numerous benefits and challenges. In this podcast, we’ll explore what happens when you switch audit firms, including the steps involved, potential risks, and key considerations to ensure a smooth transition.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.