Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

Multitasking Employees Are Particularly Vulnerable to Phishing Attacks

Oct 9, 2025 By KnowBe4 Team In KnowBe4
Employees who multitask are significantly more vulnerable to phishing attacks, according to a study from the University at Albany published in the European Journal of Information Systems. “In real-world settings, users are frequently engaged in other digital tasks when a suspicious message appears, requiring them to momentarily interrupt their workflow,” the researchers write.
Read Post
knowbe4

If You Have Not Realized It, Vishing Is Really Taking Off

Oct 9, 2025 By Roger Grimes In KnowBe4
Fighting voice-based phishing needs to be a big part of your human risk management (HRM) plan. KnowBe4 and the HRM industry have been warning about voice-based social engineering and phishing for decades. Some of the biggest and most notable hacks have long been based on it. Stories have often been told of brazen calls that resulted in big hacks.
Read Post

The Lost Payload: MSIX Resurrection

Oct 9, 2025 By Splunk In Splunk
MSIXBuilder transforms what was traditionally a complex, multi-tool process into a single automated workflow that mirrors actual attacker techniques. By automatically handling certificate lifecycle management, dependency resolution, and package signing, the tool removes the technical barriers that previously prevented security teams from creating realistic test scenarios. This means defenders can quickly generate both signed and unsigned MSIX packages to validate their AppXDeployment event log coverage, confirm detection rules, and build detection coverage that actually works against real-world threats.
View Video
Forward Networks

How a Global Bank Nearly Eliminated Audit Response Time

Oct 9, 2025 By Forward Networks In Forward Networks
Across the financial sector, compliance teams face rising expectations from regulators and customers alike. Agencies such as the SEC, OCC, FDIC, CFPB, and the European Banking Authority now demand proof of continuous compliance—not point-in-time reports. Yet most financial institutions still depend on spreadsheets, manual command-line checks, and tribal knowledge to validate security controls.
Read Post
cloudflare

Introducing REACT: Why We Built an Elite Incident Response Team

Oct 9, 2025 By Chris O'Rourke In Cloudflare
Cloudforce One’s mission is to help defend the Internet. In Q2’25 alone, Cloudflare stopped an average of 190 billion cyber threats every single day. But real-world customer experiences showed us that stopping attacks at the edge isn’t always enough. We saw ransomware disrupt financial operations, data breaches cripple real estate firms, and misconfigurations cause major data losses. In each case, the real damage occurred inside networks.
Read Post
bitsight

CVE-2024-36401 - GeoServer - tailoring a public PoC to enable at-scale high-confidence detection

Oct 9, 2025 By Fábio Freitas In BitSight
At Bitsight, one of the responsibilities of the Vulnerability Research team is to develop fingerprinting methods to not only identify exposed services, but also vulnerabilities in those services. When it comes to detecting vulnerabilities, there are increased challenges depending on the complexity of both the vulnerability and the vulnerable service.
Read Post
graylog

SIEM's Next Chapter: Evolving, Not Dying

Oct 9, 2025 By Jeff Darrington In Graylog
The obituary for SIEM has been written more than once. The latest headline from Dark Reading calls it “dying a slow death.” Catchy. But wrong. If you work in a SOC, you already know the need for centralized, contextualized visibility is not going anywhere. What is changing the future of SIEM, is how SIEM delivers it. If you are still thinking of SIEM as a clunky, high-cost log hoarder, you are stuck in the wrong decade.
Read Post

Advanced SOC 2 Mistakes Even Mature Companies Make

Oct 9, 2025 By VISTA InfoSec In VISTA InfoSec
Even the most mature organizations can stumble when it comes to SOC 2 compliance. In this video, we uncover the critical SOC 2 mistakes that even experienced teams make. Did You Know? Over 68% of companies fail their first SOC 2 audit due to documentation or evidence gaps. 46% of recurring SOC 2 issues stem from poor control mapping and risk assessment misalignment. If your business handles customer data, this video is essential to ensure you stay audit-ready, trustworthy, and compliant with AICPA’s Trust Service Criteria.
View Video

Identity automation in the age of agentic AI with Matthew Chiodi

Oct 9, 2025 By LimaCharlie In LimaCharlie
Defender Fridays - Identity Automation in the Age of Agentic AI with Matthew Chiodi Join us for this session of Defender Fridays as we explore identity automation in the age of agentic AI with Matthew Chiodi, Chief Strategy Officer at Cerby. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.