Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

WatchGuard

New NIST Guidelines: Rethinking Passwords

Dec 3, 2024 By Sam Manjarres In WatchGuard
The National Institute of Standards and Technology (NIST) issued a new perspective on password management policies, recognizing that many traditional practices used to ensure password security are no longer effective. The suggested practices to eliminate include not requiring periodic password changes, reducing restrictions on special characters, and discontinuing the use of security questions for account recovery.
Read Post
Torq

5 Secrets of a SOC Leader Turned Field CISO

Dec 3, 2024 By Patrick "PO" Orzechowski In Torq
Torq is thrilled to have Patrick Orzechowski (also known as “PO”) on board as our new Field CISO, bringing his expertise and years of experience as a SOC leader to our customers. PO is a seasoned security veteran with a deep understanding of the modern security landscape. By way of introduction, below he shares his five top pieces of advice for SOC leaders facing today’s security challenges.
Read Post

How to Hide & Disable default WP Login form? | WordPress SSO Security

Dec 3, 2024 By miniOrange In miniOrange
Say Goodbye to Login Hassles with WordPress SSO! Tired of remembering multiple passwords on your WordPress site? With miniOrange's Hide and Disable WordPress Login feature, you can completely hide the default login form and implement a Single Sign-On WordPress option with your preferred Identity Provider. This game-changing solution not only simplifies access but also elevates your WordPress admin login security.
View Video

Web Shell Upload Via Extension Blacklist Bypass - Part 2

Dec 3, 2024 By VISTA InfoSec In VISTA InfoSec
Web shell attacks are a critical and growing threat, often evading traditional defenses. In this Part 2 of our exploration into web shell attacks, we uncover how attackers leverage extension blacklist bypasses to upload malicious web shells and compromise systems. Stay informed! Like, comment, and subscribe for more expert insights into cyber threats and effective defense strategies. For Collaboration and Business enquiries, please use the contact information below.
View Video
bluevoyant

Risky Business: Working with Third Parties Across the Globe

Dec 3, 2024 By BlueVoyant In BlueVoyant
To show regional differences, BlueVoyant’s latest research report includes C-level executive responses from organizations in the U.S. and Canada, U.K., Continental Europe, and APAC. Singapore had among the lowest reported negative impacts from third-party cyber breaches, while the U.K. had the most. Regional differences play a notable role in shaping how organizations approach and handle third-party cyber risk management (TPRM).
Read Post
cyberark

Logins Are Cheap. Peace of Mind Is Priceless.

Dec 3, 2024 By Archit Lohokare In CyberArk
Imagine a typical morning at an enterprise: employees, remote workers, contractors and partners log in, browsing and accessing apps and files they need to do their jobs. All seems calm. But behind the scenes, security teams face a different reality. They’re managing an explosion of high-risk identities and passwords across countless endpoints, dealing with unchecked admin rights, rising security costs and compliance pressures.
Read Post
gitguardian

The Hidden Challenges of Automating Secrets Rotation: Why Automatic Credential Rotation Isn't a One-Click Solution

Dec 3, 2024 By Dwayne McDaniel In GitGuardian
Automating secrets rotation requires maturity and planning. Let's look at how to inventory, scope, and secure credentials without risking downtime or vulnerabilities.
Read Post
Razorthorn

Security Culture: Moving Beyond Basic Awareness Training

Dec 3, 2024 By Razorthorn In Razorthorn
By James Rees, MD, Razorthorn Security The landscape of cybersecurity awareness has changed dramatically in the last 25 years. What began as simple password guidance and basic IT training has evolved into a complex web of security challenges that organisations must navigate daily. Back in December 1999, the world held its breath waiting for the Y2K bug to wreak havoc on computer systems globally.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.