Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Ep 8: Living Off The Land

May 5, 2025 By Rubrik In Rubrik
Cyber experts start getting called into electric, water, pipeline, railway, and transportation hubs around the country. Hackers have found a clever way to embed in these systems, using a small, unsuspecting device in everyday Americans’ homes. And once these hackers get in, they’re not dropping the usual malware, or sucking much of any data out. Unlike their predecessors, these hackers are very careful to cover their tracks. It appears they’re just lying in wait. Sleeper cells waiting for marching orders. So what’s the trigger? And what happens if they pull it?
View Video
indusface

The Rise of Vulnerability Exploits: Why Hackers Are Moving Beyond Phishing

May 5, 2025 By Phani Deepak Akella In Indusface
The 2025 edition of Verizon’s Data Breach Investigations Report (DBIR) shows a new reality: about one in five confirmed breaches now starts with exploitation of a software vulnerability, a 34 percent jump over the previous year and the first time the vector has surpassed phishing.
Read Post
11:11 systems

Getting Started with 11:11 Cyber Vault for Cohesity

May 5, 2025 By Jim Jones In 11:11 Systems
Leveraging this solution should help you optimize the cost of your overall Cohesity solution and adhere with a 3-2-1-1-0 protection strategy. This is part of the wider release of Cyber Vault products from 11:11 with versions for Veeam and Zerto coming shortly. We’ve been focusing on the deployment of the base Cohesity capability, Cloud Archive v2, lately.
Read Post
11:11 systems

Walking a Tightrope: Creating Effective Password Policies in Your Organization

May 5, 2025 By Scott Gray In 11:11 Systems
Tightrope walking, or funambulism, is a mesmerizing blend of skill, balance, and focus. Performers traverse a thin, elevated rope, using tools like balance poles to stabilize and counter gravity. It demands precise movements, mental composure, and confidence to overcome fear. Rooted in ancient traditions, it remains a captivating symbol of risk and control.
Read Post

EP 6 - Incident Response POV: 2025 Emerging Threats

May 5, 2025 By CyberArk In CyberArk
In this episode of Security Matters, host David Puner, dives into the world of evolving cyberthreats with Bryan Murphy, Senior Director of CyberArk's Incident Response Team. Imagine a scenario where an attacker uses AI-generated deepfakes to impersonate your company's VP of finance, gaining unauthorized access to your environment. Bryan Murphy shares insights on how these sophisticated attacks are turning identity into the attack surface and why your first line of defense might be as simple as a video call.
View Video
Snyk

Learn About Open Source Security Risks With the New Snyk Learn Learning Path

May 5, 2025 By Michael Biocchi In Snyk
Snyk Learn, our developer security education platform, now includes lessons on risks in open source software! Check out the new learning path that covers the OWASP Top 10 risks for open source software. Open source software forms the backbone of today’s digital infrastructure. From libraries and frameworks to entire platforms, open source is everywhere. But as a famous uncle once said, with great power comes great responsibility!
Read Post
mend

Dynamic Application Security Testing: DAST Basics

May 5, 2025 By Mend.io Communications In Mend
DAST is a security tool that attempts to penetrate an application from the outside by checking its exposed interfaces for vulnerabilities and flaws. Sometimes called a web application vulnerability scanner, it is a type of black-box security test. It looks for security vulnerabilities by simulating external attacks on an application while the application is running.
Read Post
Arctic Wolf

Uptick in Ransomware Threat Activity Targeting Retailers in the UK

May 5, 2025 By Arctic Wolf Labs In Arctic Wolf
Between April and May 2025, several large UK retailers were impacted by security incidents which resulted in the disruption of their operations. Arctic Wolf is monitoring the threat landscape for new indicators of compromise related to Scattered Spider and DragonForce, and will alert Managed Detection and Response customers if any malicious activity is observed.
Read Post
Arctic Wolf

Arctic Wolf Observes Exploitation of Path Traversal Vulnerability in Samsung MagicINFO 9 Server (CVE-2024-7399)

May 5, 2025 By Andres Ramos In Arctic Wolf
As of early May 2025, Arctic Wolf has observed exploitation in the wild of CVE-2024-7399 in Samsung MagicINFO 9 Server—a content management system (CMS) used to manage and remotely control digital signage displays. The vulnerability allows for arbitrary file writing by unauthenticated users, and may ultimately lead to remote code execution when the vulnerability is used to write specially crafted JavaServer Pages (JSP) files.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.