Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

knowbe4

Spear Phishing is the Top Cyber Threat to the Manufacturing Sector

Feb 20, 2025 By Stu Sjouwerman In KnowBe4
Spear phishing was the top cybersecurity threat to the manufacturing sector over the past six months, according to a report from ReliaQuest. These attacks accounted for 41% of true-positive alerts in the sector. “Spear phishing remains a favored tactic for attackers targeting manufacturing companies—and it’s easy to see why,” ReliaQuest says.
Read Post
safebreach

SafeBreach Coverage for US CERT AA25-050A [Ghost (Cringe) Ransomware]

Feb 20, 2025 By James Graham In SafeBreach
On February 19, 2025, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint advisory to disseminate known Ghost (Cring)—(“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025. Detailed information about this threat and the associated IOCs and TTPs can be seen in the advisory: Ghost (Cring) Ransomware.
Read Post
Spectral

Subdomain takeover: 12 Ways to Prevent this Attack

Feb 20, 2025 By Eyal Katz In Spectral
Subdomain takeovers don’t happen because attackers are geniuses. They happen because DNS records get messy. It’s not exactly an exciting gig to track old services or clean up unused subdomains, but ignoring it creates a security hole you can’t afford. Microsoft discovered over 670 vulnerable subdomains in a single audit. On a larger scale, 21% of DNS records out there lead to unresolved content, and 63% of those throw ‘404 not found’ errors.
Read Post
appknox

Best DevSecOps Tools for Application Security in 2025

Feb 20, 2025 By Rucha Wele In Appknox
Building secure applications is about more than just adding security features at the end of the development process. It’s about addressing vulnerabilities and threats as they arise and improving security continuously—right from the start. That’s the power of DevSecOps.
Read Post
Zenity

Zenity Recognized in Gartner AI TRiSM Market Guide

Feb 20, 2025 By Michael Bargury In Zenity
Innovation, specifically the evolution of technology, has always been about expanding what’s possible or simplifying today’s complexity – sometimes both. We saw this with the internet revolution, adoption of cloud computing, remote working, low-code/no-code, and now AI is fundamentally reshaping how teams operate. While these advancements bring opportunities for organizations and push people’s creativity to new limits, they also introduce new risks.
Read Post

Trustwave is FedRAMP Authorized

Feb 20, 2025 By Trustwave In Trustwave
Trustwave is officially the first pure-play MDR provider to attain FedRAMP authorization! This milestone isn’t just a win for us, it’s a game-changer for federal and commercial organizations. With a continuously vetted security operations platform, parity across global regions, and a commitment to next-gen cloud security, we're setting the bar higher than ever. Hear from Trustwave Government Solutions President, Bill Rucker, on what this means for security, compliance, and the future of managed detection and response.
View Video

How Third-Party APIs Can Lead to Massive Data Breaches #APICompliance #CyberHygiene #APIRisks

Feb 20, 2025 By Wallarm In Wallarm
Third-party APIs often access your data, making them a security risk if not properly validated. Weak API integrations have led to massive data breaches. Learn how penetration testing and security assessments can help protect your organization from third-party threats.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.