Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Episode 5 - Detecting DNS Covert Channels in the Wild (Part 1)

Jan 1, 2026 By Corelight In Corelight
In Episode 5 of Corelight Defenders, I, Richard Bejtlich, engage with Corelight's co-founder and chief scientist, Vern Paxson, to delve into the intricate world of DNS covert channels. We explore how adversaries exploit DNS lookups to silently communicate within tightly controlled enterprise environments. Vern explains various methods attackers may use, from encoding data in seemingly benign domain names to manipulating the timing of requests. Our discussion highlights the challenges of detecting these covert channels, especially in the presence of network monitoring.
View Video

AI and the Vanishing Entry Level Security Jobs in 2025

Jan 1, 2026 By Razorthorn Security In Razorthorn
The Razorwire Christmas Party 2025 episode compares automation in law and cybersecurity, where junior roles shrink and the talent pipeline starts to break. AI pressure on tier one soc work in 2025 leaves new entrants with debt and fewer real training grounds, raising hard questions about the future of senior expertise.
View Video
memcyco

Account Takeover Prevention for Credit Unions: What Actually Works in 2026

Jan 1, 2026 By Julian Agudelo In Memcyco
Account takeover prevention for credit unions has reached an inflection point. One concept underpins most modern failures: the timing gap, the period between a member engaging with a scam or impersonation interaction and the moment a security or fraud team becomes aware of risk. During this gap, access is often treated as legitimate even though compromise has already occurred.
Read Post
device authority

Why Unmanaged IoT Devices Are the Biggest Security Blind Spot in 2026

Jan 1, 2026 By Claire Tennant In Device Authority
The rapid expansion of connected devices has fundamentally changed how organisations operate. From smart sensors and industrial controllers to gateways, cameras, and embedded systems, IoT has become integral to modern business. Digital transformation is accelerating the adoption of IoT technologies, increasing the attack surface and making IoT security a critical component of modern cybersecurity strategies.
Read Post
safeaeon

Beaconing Detection: How Attackers Stay Hidden

Jan 1, 2026 By SafeAeon Inc. In SafeAeon
Attackers, after an initial compromise, look to remain inside a network for as long as possible. For this, they use different methods. Beaconing is one of the common techniques used to maintain this access. Beaconing activity can easily blend into normal traffic and can remain unnoticed for long periods. Therefore, it is important for IT and security teams to understand how beaconing works in order to effectively carry out beaconing detection and response.
Read Post
indusface

Managed DDoS Protection for Insurance: Why Always-On Defense Is Essential

Dec 31, 2025 By Vinugayathri Chinnasamy In Indusface
According to the State of Application Security 2025, web applications faced a sharp rise in hostile traffic, with 4.8 billion attacks blocked and 1.52 billion DDoS incidents affecting nearly 70% of monitored applications. APIs became the primary target, seeing 388% more DDoS attacks per host than websites, signaling a shift toward precision, application-layer disruption.
Read Post
indusface

How Managed DDoS Protection Keeps Education and EdTech Platforms Resilient

Dec 31, 2025 By Vinugayathri Chinnasamy In Indusface
Globally, schools and universities now face over 4,300 cyberattacks per week on average, marking a 40% year-over-year increase and making the education sector a prime target for disruptive DDoS attacks. Most educational institutions operate with lean IT teams responsible for infrastructure, user support, and security. This resource constraint makes it difficult to withstand prolonged or application-layer DDoS attacks that can quickly disrupt learning platforms and administrative systems.
Read Post
indusface

Managed Bot Protection for Education Institutions: Prevent Credential Abuse and Downtime

Dec 31, 2025 By Vinugayathri Chinnasamy In Indusface
This growing exposure is reflected in real-world threat data. The Huntress 2025 Cyber Threat Report found that the education sector accounted for 21% of all cyber incidents observed last year, underscoring how frequently schools and universities are targeted. The report also highlights a strong presence of automated and data-driven attacks, with malicious scripts making up 24% of education-focused threats, followed by infostealers (16%), malware (13%), and ransomware (7%).
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.