Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

netskope

Cloud Threats Memo: A Recent Campaign Exploiting Digital Trust Through Github

Jun 26, 2023 By Paolo Passeri In Netskope

The weaponization of digital trust involves exploiting an application or tool we use in our daily digital life to perform our business or personal tasks for malicious purposes. It is a technique increasingly used by the threat actors to carry out malicious actions such as the delivery of malware or links to phishing pages.

Read Post
graylog

A Guide to Digital Forensics and Incident Response (DFIR)

Jun 26, 2023 By The Graylog Team In Graylog
When you engage in a security incident investigation, you need to quickly sift through vast quantities of data. In that moment, tracking your attacker, containing the attack, and identifying the root cause are the activities that matter most. However, in an attack’s aftermath, the digital recovery process and post-incident paperwork becomes your new nightmare.
Read Post
upguard

Preparing for CMMC Compliance: Tips and Best Practices

Jun 26, 2023 By Kyle Chin In UpGuard
‍The Cybersecurity Maturity Model Certification (CMMC) is a cyber program and security framework used by the US Department of Defense (DoD) to measure firms’ cybersecurity maturity. All DoD contractors working with the federal government must comply with this program by 2025. CMMC compliance demands that DOD contractors pass an external CMMC assessment carried out by an approved CMMC Third Party Assessment Organization (C3PAO) for all but the lowest level of CMMC certification.
Read Post
upguard

What is a Third-Party Breach? Definition & Tips for Reducing Risk

Jun 26, 2023 By Kyle Chin In UpGuard
A third-party data breach refers to a data breach that has occurred through a third-party company. In a third-party data breach, the vendor or supplier’s system has been compromised and used to steal data that belongs to you. A third party can be defined as an organization with which your organization has entered into a business relationship to provide goods, access, or services for your use.
Read Post

CrowdStrike Takes On Spyboy's "Terminator"

Jun 26, 2023 By CrowdStrike In CrowdStrike
On May 21, 2023, a new threat actor named Spyboy emerged, advertising a tool known as “Terminator” in a Russian-language forum, claiming the software could bypass over 20 common AV and EDR controls. CrowdStrike automatically blocked this executable, categorizing this as a high-severity detection, enabled by our AI-powered indicators of attack.
View Video
Zenity

Remediation Ballet Is a Pas de Deux of Patch and Performance

Jun 26, 2023 By Michael Bargury In Zenity

Generative AI capabilities continue to make their way into every organization, with increasingly useful ways of helping employees and contractors be more productive. This includes advancing how fully automated vulnerability remediation works, and with the power of generative AI, is able to take into account unique environments and uses in real-time.

Read Post
Snyk

Maximizing IAM security with AWS permissions boundaries and Snyk

Jun 26, 2023 By Wayne Crissman In Snyk

In today's rapidly evolving cloud landscape, managing permissions and ensuring robust security controls are essential for organizations utilizing Amazon Web Services (AWS). AWS Identity and Access Management (IAM) is crucial in managing permissions to access AWS resources. While IAM provides granular control over permissions, AWS IAM permissions boundaries offer additional security and flexibility for fine-tuning access controls.

Read Post

Encryption Backdoors: Balancing Security and Privacy

Jun 26, 2023 By Razorthorn In Razorthorn
Join us in this thought-provoking video as we delve into the heated debate surrounding encryption backdoors. Should technology companies be compelled to create backdoors in their encryption systems to enable surveillance and facilitate investigations? We explore the arguments for and against this contentious issue, considering the need for security while preserving individual privacy. We also address concerns about government overreach and historical instances where privacy has been compromised. Learn about executive orders such as EO 1227 and the implications they have on mass surveillance and privacy rights. Engage in the conversation and share your perspective on this crucial topic that impacts us all.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.