Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CrowdStrike

The Anatomy of Wiper Malware, Part 3: Input/Output Controls

Sep 26, 2022 By Ioan Iacob - Iulian Madalin Ionita In CrowdStrike

In Part 1 of this four-part blog series examining wiper malware, the CrowdStrike Endpoint Protection Content Research Team introduced the topic of wipers, reviewed their recent history and presented common adversary techniques that leverage wipers to destroy system data. In Part 2, the team dove into third-party drivers and how they may be used to destroy system data.

Read Post
Arctic Wolf

CVE-2022-3236 - Remote Code Execution Vulnerability in Sophos Firewall

Sep 26, 2022 By Sule Tatar In Arctic Wolf
On Friday, September 23, 2022, Sophos disclosed a critical code injection vulnerability impacting Sophos Firewall. This vulnerability, assigned CVE-2022-3236, affects Sophos Firewall versions v19.0 MR1 (19.0.1) and older and could lead to remote code execution. In order for a threat actor to exploit this vulnerability, WAN access would need to be enabled for the Webadmin and User Portal consoles.
Read Post
signmycode

Free Code Signing Certificate - Where to Find One?

Sep 26, 2022 By SignMyCode In SignMyCode

As all software publishers are concerned about their code integrity and reputation, they select the best code signing certificate provider. Still, some search for the free code signing certificate. Now, you must be thinking, is there anything like a free code sign certificate. And, if it is, then from where you can avail of it. Code Signing Certificate is an integral part of executable files. And mainly, a publisher purchases it from an authorized vendor and provider.

Read Post

The 443 Podcast Episode 210 - An Uber Hack

Sep 26, 2022 By WatchGuard In WatchGuard
This week on the podcast, we cover Uber's most recent security incident and the alleged individual behind it. After that, we dive into the world of gas station operational technology and potential security weaknesses in one tool. Finally, we end with a chat about the FBI CISO Academy and how the FBI as a whole is trying to reshape relationships with the private sector. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
View Video

Webinar: Keeping Up with the Threat Landscape - 22 September 2022

Sep 26, 2022 By WatchGuard In WatchGuard
In order to stay one step ahead of cyber adversaries, you need to understand how they work. The modern threat landscape is constantly evolving as sophisticated threats emerge and quickly become commoditized. In this webinar, Marc Laliberte, director of security operations at WatchGuard, will give you a view of the latest threat landscape, including the attack tools and techniques you need to defend against.
View Video
tripwire

Quantifying the Social Impact of Ransomware and ESG Disclosure Implication

Sep 26, 2022 By Tripwire Guest Authors In Tripwire

2022 began with successful ransomware attacks against global IT and digital transformation providers, no thanks to the notorious LAPSUS$ ransomware gang. Often, any discussion about ransomware impact has mostly centered on affected organizations. Rightly so, as victimized organizations usually suffer significant disruption to their operations. In 2021, the US Federal Bureau of Investigation received 3,729 complaints identified as ransomware.

Read Post
netskope

Netskope Threat Coverage: LockBit's Ransomware Builder Leaked

Sep 26, 2022 By Gustavo Palazolo In Netskope

LockBit (a.k.a. ABCD) emerged in September 2019 and became one of the most relevant RaaS (Ransomware-as-a-Service) groups among others like REvil, BlackMatter, Night Sky, Maze, Conti and Netwalker. The group targets many organizations around the world with a double-extortion scheme, where the attackers steal sensitive data and threaten to leak everything if the ransom is not paid.

Read Post
Forescout

FBI Notice Underscores Cyberthreats Posed by Medical Devices and IoMT - Risk Management Can Help

Sep 26, 2022 By Vedere Labs In Forescout

On September 12, the FBI released a private industry notification entitled “Unpatched and Outdated Medical Devices Provide Cyber Attack Opportunities.” The notification underscores how a growing number of vulnerabilities in medical devices and Internet of Medical Things (IoMT) assets can be exploited by threat actors to “impact healthcare facilities’ operational functions, patient safety, data confidentiality and data integrity.”

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.