Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

splunk

Amadey Threat Analysis and Detections

Jul 25, 2023 By Splunk Threat Research Team In Splunk
The Amadey Trojan Stealer, an active and prominent malware, first emerged on the cybersecurity landscape in 2018 and has maintained a persistent botnet infrastructure ever since. Several campaigns have used this malware, like the previous Splunk Threat Research blog related to RedLine loader, the multi-stage attack distribution article from McAfee in May 2023 and the campaign where it uses N-day vulnerabilities to deliver Amadey malware noted in March 2023 by DarkTrace.
Read Post
Trustwave

ModSecurity v3: DoS Vulnerability in Four Transformations (CVE-2023-38285)

Jul 25, 2023 By Trustwave In Trustwave

ModSecurity is an open-source Web Application Firewall (WAF) engine maintained by Trustwave. This blog post discusses an issue with four transformation actions that could enable a Denial of Service (DoS) attack by a malicious actor. The issue has been addressed with fixes in v3.0.10. ModSecurity v2 is not affected.

Read Post
datadog

AWS threat emulation and detection validation with Stratus Red Team and Datadog Cloud SIEM

Jul 25, 2023 By Dayspring Johnson In Datadog

As attackers get more creative in their malicious tradecraft, cloud security teams must be able to keep up with detections that provide adequate coverage against the diverse threats to their cloud environments. Threat emulation enables cloud security teams to leverage their understanding of threat actor behaviors as a feedback loop for developing cloud-based detections and validating their resilience.

Read Post
upguard

What is SSL Certificate Expiration?

Jul 25, 2023 By Caitlin Postal In UpGuard
Your site has been configured with a SSL/TLS certificate from a trusted authority, but you're receiving risk findings that say your SSL certificate expired or is expiring. How can that be and what does it mean for your organization's cybersecurity? SSL/TLS certificates provide a critical security layer for your public web systems using the transport layer security (TLS) protocol (and its predecessor secure sockets layer or SSL).
Read Post

Corelight CEO, Brian Dye talks to NYSE's Trinity Chavez on 'The Cyber Series'

Jul 25, 2023 By Corelight In Corelight
What is network detection and response, how is it fundamental to #cybersecurity, and why should #investors and #security leaders be investing in the #NDR space? Watch as Corelight CEO Brian Dye shares the answers to these questions and more in a new interview with NYSE.
View Video

Mend.io Product Overview Demo

Jul 25, 2023 By Mend In Mend
Mend.io solves the toughest problems in application security for the largest and most demanding organizations in the world, and we do it with automation. Mend.io was the first application security vendor to provide automated remediation workflows for both open source and custom code. We have centered our product strategy on providing industry-leading prioritization of application security threats for both OSS and custom code, integrating automated dependency health to reduce the attack surface and ensuring fast and limitless scale to onboard developers and applications.
View Video

SBOMs: A Roadmap for a Secure Software Journey

Jul 25, 2023 By Mend In Mend
Software supply chain threats and increasing regulatory pressures make supply chain security a top priority for software organizations. While building secure applications is a must for any organization, the path to creating secure software is anything but clear. Software bills of materials (SBOMs) have emerged as an essential tool and a roadmap for organizations on their secure software journey.
View Video

Highlights From Impact Boston 2023

Jul 25, 2023 By CyberArk In CyberArk
IMPACT is CyberArk's annual customer and industry conference. More than 3,000 security leaders and practitioners participated in Boston and virtually to discuss the ever-expanding attack surface, attacker techniques and trends in identity-based cyberattacks, and the latest innovations in Identity Security technology. In-person attendees took advantage of hands-on product training and labs sessions, and obtained valuable certifications, as well as exchanged best practices and learnings with other customers.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.