Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

devo

SciSec Team Applies Creativity, Curiosity and Innovation to Help Security Teams Work Smarter and Protect Organizations from Threats

Jun 2, 2022 By Devo In Devo

Today Devo announced Devo SciSec, which brings together a talented team of threat research, advanced data science, and machine learning experts under the leadership of CTO Gunter Ollmann to help our customers preemptively detect and mitigate entire classes of threats. See and hear what Gunter has to say about SciSec in this video. Even before their formal introduction, the SciSec team has been busy delivering value-added capabilities to Devo customers.

Read Post

Zero Trust goes beyond standard security

Jun 2, 2022 By Sumo Logic In Sumo Logic
Zero Trust is a modern, strategic approach to cybersecurity that secures organizations by eliminating implicit trust and continuously validating all interactions and experiences. Zero Trust moves cyber defenses from static, network-based perimeters to focus on users, assets, applications and resources without any implicit trust to enhance posture and reduce risk. At its core, Zero Trust is a perimeterless security approach.
View Video

Software Supply Chain Security for Open Source Projects

Jun 2, 2022 By JFrog In JFrog
Attacks on the open-source value chain (OS supply chain) are becoming more sophisticated, and we, as software developers, are becoming the focus of these attacks. So what are the essential first steps, and what should you focus on? This raises the question of suitable methods and tools. At the same time, the company's strategic orientation must be considered in this security strategy. In the recent past, we have also learned that attacks are increasingly targeting individual infrastructure elements of software development, such as the classic CI/CD pipeline.
View Video
CrowdStrike

OverWatch Casts a Wide Net for Follina: Hunting Beyond the Proof of Concept

Jun 2, 2022 By T. Ball - D. Barker - M. Wylie - Falcon OverWatch Team In CrowdStrike

CVE-2022-30190, aka Follina, was published by @nao_sec on Twitter on May 27, 2022 — the start of Memorial Day weekend in the U.S. — highlighting once again the need for round-the-clock cybersecurity coverage. Threat hunting in particular is critical in these instances, as it provides organizations with the surge support needed to combat adversaries and thwart their objectives.

Read Post
CrowdStrike

CrowdStrike Uncovers New MacOS Browser Hijacking Campaign

Jun 2, 2022 By EPP Content Research Team In CrowdStrike

The CrowdStrike Content Research team recently analyzed a MacOS targeted browser hijacking campaign that modifies the user’s browsing experience to deliver ads. Research began with a variant that uses a combination of known techniques to deliver, persist and sideload a Chrome extension. Analysis of the fake Chrome installer uncovered the use of more than 40 unique dropper files to install the extension.

Read Post
Arctic Wolf

Brute-Force Attacks: How to Defend Against Them

Jun 2, 2022 By Arctic Wolf In Arctic Wolf
When you hear the words “brute force," subtlety is probably not the first thing that comes to mind. Indeed, classic brute-force cyber attacks use the most straightforward tactics—trial and error—to gain entry into a protected system. When brute force works, the attack's type, depth, and severity depend on the attacker's goals.
Read Post
netskope

GoodWill Ransomware? Or Just Another Jasmin Variant?

Jun 2, 2022 By Gustavo Palazolo In Netskope

In March 2022, researchers spotted a new ransomware family named GoodWill, with a new method to collect the ransom. Instead of requesting payment through crypto coins like other threats such as Night Sky or Hive, GoodWill requests that its victims help vulnerable people by following a sequence of steps, such as donating clothes, feeding less fortunate children, or providing financial assistance to hospital patients.

Read Post
Snyk

Using Rego as a generic policy language

Jun 2, 2022 By Dickson Boateng In Snyk

Policies have a vital role in every organization, but can mean a lot of different things depending on the context. For our purposes, a policy refers to the principles or ideas that an organization uses to make decisions. In this post, we’ll discuss Open Policy Agent (OPA) and its rule language, Rego, highlighting how we can use them to write a simple policy for a payroll microservice.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.