Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

bitsight

Overcoming Cybersecurity Headwinds Part 3: Future Proofing Your TPRM Program

Oct 4, 2023 By Vanessa Jankowski In BitSight
Welcome back to our Overcoming Cybersecurity Headwinds blog series—building on our latest webinar about third party risk with Marc Crudginton, CISO at Howard Hughes Corporation. In our previous blogs, we explored the wisdom of centralizing cyber risk management and automating third-party risk management (TPRM). Today, we will focus on future proofing your TPRM program.
Read Post
sysdig

Using Runtime Insights with Docker Scout to Prioritize Vulnerabilities

Oct 4, 2023 By Victor Hernando In Sysdig

The cloud revolution has firmly taken hold, and businesses of all sizes are adopting cloud-native technologies. This new paradigm has also created newer attack surfaces for cybercriminals, who are eager to exploit known security gaps in cloud environments. Sysdig is collaborating with Docker to deliver a more efficient process for identifying risks and opportunities for accelerated remediation in Docker Scout using runtime insights.

Read Post

Watch out for Frankenphisher - Cybersecurity Awareness Month 2023

Oct 4, 2023 By KnowBe4 In KnowBe4
Imagine an artificial intelligence (AI) system developed by a mad scientist to leverage the full capabilities of Large-Language-Models (LLM). Then, the scientist went truly mad by utilizing text, voice, and video generation paired with mutating and self-perpetuating malware, as well as continuous improvement through reinforcement learning. The concoction you would get from the scientist’s wild lab is called Frankenphisher, the most effective social engineering AI you can possibly imagine.
View Video
ionix

Cisco VPN Zero-Day exploited by ransomware gangs (CVE-2023-20269) - Insights and best practices for defense Copy

Oct 4, 2023 By Ohad Shushan In IONIX

In the tech security scene, we’re always on the lookout for new vulnerabilities, especially when they are already exploited in the wild. The latest zero-day CVE-2023-20269 is hitting Cisco’s Adaptive Security Appliance VPN features. The attack surface scan conducted by IONIX research on a sample of organizations indicates that 13% of these appliances are potentially vulnerable through at least one interface.

Read Post
alienvault

The role of automation in mitigating cybersecurity risks

Oct 4, 2023 By Devin Morrissey In AT&T Cybersecurity

Cyberattacks are on the rise around the globe. Recent data suggest that there are 2,200 cyberattacks every day and that the average cost of a data breach is $9.44 million. Of those cyberattacks, 92% are delivered via email in the form of malware and phishing. In 2022 alone, businesses reported 255 million phishing attacks with an average cost of $4.91 million.

Read Post
Forescout

DarkGate Loader Delivered via Microsoft Teams - How It Works, How to Mitigate It and How Forescout Can Help

Oct 4, 2023 By Forescout Vedere Labs In Forescout
The threat intelligence data that Forescout Research – Vedere Labs curates comes from the millions of connected devices that we monitor, attacks we observe and dissect in our sandboxes, data relating to attacks that is traded on the Darknet, and from our Adversary Engagement Environment. We see a lot of data. One thing no cybersecurity researcher wants to see, however, is an attack on their own organization.
Read Post
egnyte

5 Key Considerations When Working with a CMMC Partner

Oct 4, 2023 By Bridget Wilson In Egnyte

While regulations like Cybersecurity Maturity Model Certification (CMMC) 2.0 have expanded in size and scope in the past several years, my experience with CMMC actually dates back to early 2017. At the time, I was working with a client who was a contractor for the U.S. Department of Defense. They were looking to jump into the deep end and start implementing the NIST Cybersecurity Framework, which CMMC is based upon.

Read Post

Auto-resolve Incidents When Valid Secrets Are Revoked With GitGuardian Playbooks

Oct 4, 2023 By GitGuardian In GitGuardian
Many teams choose to mark incidents as resolved once the secret involved has been revoked or rotated. With the GitGuardian auto-resolution playbook, you can automate the remediation process, saving you a step any time a credential becomes invalid. This works for both real-time detection and all historical incidents whenever an incident is re-checked for validity.
View Video
cloudflare

All Cloudflare Customers Protected from Atlassian Confluence CVE-2023-22515

Oct 4, 2023 By Himanshu Anand In Cloudflare

On 2023-10-04 at 13:00 UTC, Atlassian released details of the zero-day vulnerability described as “Privilege Escalation Vulnerability in Confluence Data Center and Server” (CVE-2023-22515), a zero-day vulnerability impacting Confluence Server and Data Center products. Cloudflare was warned about the vulnerability before the advisory was published and worked with Atlassian to proactively apply protective WAF rules for all customers.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.