Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

netskope

Cloud Abuse: New Technique Using Adobe Acrobat to Host Phishing

Nov 16, 2022 By Gustavo Palazolo In Netskope

Netskope Threat Labs recently discovered a phishing campaign that is abusing Adobe Acrobat to host a Microsoft Office phishing page. While abusing free cloud services to host malicious content is a popular attack technique, this is the first time we have seen Adobe Acrobat used to deliver malicious content. The attack starts with a phishing email that lures the user into opening a PDF file that redirects them to an Adobe Acrobat URL.

Read Post
Rubrik

Take the Uncertainty Out of Ransomware Recovery: Introducing Rubrik Cyber Recovery

Nov 16, 2022 By Rubrik In Rubrik

As the attack surface widens and cybercriminals get more sophisticated, organizations are struggling to prepare for and respond to ransomware and other cyber incidents. According to the inaugural State of Data Security report from Rubrik Zero Labs, a staggering 92% of global IT and security leaders are concerned they are unable to maintain business continuity following an attack.

Read Post
Snyk

How Atlassian used Snyk to solve Log4Shell

Nov 16, 2022 By Sarah Conway In Snyk

Snyk recently launched a multi-day live hack series with AWS, where experts demonstrated exploits in real-time and explained how to defend against those vulnerabilities. This series helped viewers discover new ways to improve security across the application stack for AWS workloads. As part of the series, Micah Silverman (Director of Developer Relations, Snyk) and Chris Walz (Senior Security Engineer, Atlassian) discussed Log4Shell.

Read Post
Snyk

Best practices for Kubernetes Secrets management

Nov 16, 2022 By Eric Kahuha In Snyk

Kubernetes uses secret objects, called Secrets, to store OAuth tokens, secure shell (SSH) keys, passwords, and other secret data. Kubernetes Secrets allow us to keep confidential data separate from our application code by creating it separately from pods. This segregation, along with well-formed role-based access control (RBAC) configuration, reduces the chances of the Secret being exposed — and potentially exploited — when interacting with pods, thereby increasing security.

Read Post

How Patching Thwarts Cyber Attackers

Nov 16, 2022 By SecurityScorecard In SecurityScorecard
At SecurityScorecard, we analyzed open vulnerabilities across the entire Internet. Here are some of our shocking discoveries: Furthermore, on average, it takes these organizations a year to fix 50% of the vulnerabilities. That's why hackers often have the upper hand. Solution? Build a mature program that: Got questions? Let me know in the comments below. SecurityScorecard is the global leader in cybersecurity ratings and the only service with over 12 million companies continuously rated. The company is headquartered in New York and operates in 64 countries around the globe.
View Video

Demo: Upgrading a Firebox

Nov 16, 2022 By WatchGuard In WatchGuard
Because smaller companies are generally less protected and easier to break into, small business has become the new "big target" for cyberattacks. The Firebox M390 firewall is specifically engineered to defend all types of small businesses against attacks that are no less fierce than those targeting larger organizations. In this video, we show just how simple it is to upgrade your firewalls to the M390 with the optional Total Security Suite.
View Video

PyPi Malware Stealing Discord and Roblox Payment Info

Nov 16, 2022 By Snyk In Snyk
In this livestream we dive into the latest set of malicious packages discovered by the Snyk security research team. We are joined by senior security researcher at Snyk Raul Onitza-Klugman as we also discuss how these findings came to be, what they mean for open source security, and some hypotheses about the future of supply chain security. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.
View Video

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Nov 16, 2022 By Snyk In Snyk
Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.
View Video
Trustwave

How Trustwave Uses the NIST Framework to Inform Strategy and Mitigate Cybersecurity Risk

Nov 16, 2022 By Trustwave In Trustwave

The National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF) is one of several “gold level” standards used by public and private organizations as the basis for their cybersecurity protocols. It is also the benchmark utilized by Trustwave to protect our clients. NIST rolled out the CSF in 2014 as a set of guidelines for mitigating organizational cybersecurity risks.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.