Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cato networks

Mitigating Credential Phishing in the Age of AI and Cloud Convergence

Dec 10, 2025 By Dr. Guy Waizel In Cato Networks
Phishing remains one of the most effective methods for stealing credentials and breaching enterprise environments. Despite advanced email and browser protections, attackers now leverage AI, and automation to outpace traditional defenses. The Verizon 2024 Data Breach Investigations Report found that 68% of breaches involve the human element, often triggered within seconds of a phishing lure, just 21 seconds to click and 28 seconds to submit credentials.
Read Post

Kubernetes 1.35 Security Changes: cgroup, WebSockets, Image Pull Auth + More

Dec 10, 2025 By Sysdig In Sysdig
It’s December, and Kubernetes 1.35 is almost here - with security changes that can break workloads or access paths if you upgrade unprepared. This video is a fast, practical security edition rundown for security and platform engineers: what changed, why it matters, and what to verify before you roll 1.35 into production. In this video (Kubernetes 1.35 security highlights): If you want a deeper dive, comment with what you’re running today (managed K8s vs self-managed, distro, container runtime, auth setup) and I’ll break down the safest upgrade path.
View Video

Living off the Land - 2025 MITRE ATT&CK Enterprise Evaluations

Dec 10, 2025 By CrowdStrike In CrowdStrike
The 2025 MITRE ATT&CK Enterprise Evaluations tested detecting malicious living-off-the-land attacks while avoiding false positives on legitimate tools. CrowdStrike delivered 100% detection and protection with zero false positives. Adversaries like Mustang Panda weaponize legitimate tools like PowerShell, WinRAR, and curl.exe while these same tools run legitimately across enterprises daily. You can't block these tools without collapsing operations.
View Video

Charlotte AI - 2025 MITRE ATT&CK Enterprise Evaluations

Dec 10, 2025 By CrowdStrike In CrowdStrike
The 2025 MITRE ATT&CK Enterprise Evaluations featured sophisticated cross-domain attacks from Scattered Spider, and CrowdStrike's Charlotte AI proved essential in delivering 100% detection and protection with zero false positives. Charlotte AI accelerated every stage of security operations with Agentic Detection Triage for instant verdicts, Agentic Response that investigates alerts like expert analysts, and command-line analysis in plain language.
View Video
knowbe4

Report: Phishing Has Surged 400% Year-Over-Year

Dec 10, 2025 By KnowBe4 Team In KnowBe4
Researchers at SpyCloud have observed a 400% year-over-year increase in successful phishing attacks, with a disproportionate number of attacks targeting corporate accounts. “The company tracked a 400% year-over-year increase in successfully phished identities, with nearly 40% of the 28+ million recaptured phished records containing a business email address – compared to just 11.5% in recaptured malware data,” the researchers write.
Read Post
apono

Better Together: Apono and 1Password Join Forces to Deliver Secure, Just-in-Time Access to Secrets

Dec 10, 2025 By Ben Avner In Apono
We’re excited to announce Apono integration with 1Password to help organizations control, automate, and audit access to sensitive credentials and secrets bringing stronger security and smoother operations to teams everywhere. This new integration enables customers to enforce Zero Standing Privileges (ZSP) and provision Just-in-Time (JIT) and just-enough access (JEA) to secrets stored in 1Password Enterprise Password Manager through Apono’s automated access flows.
Read Post
Online IQ Testing in the Age of Cybersecurity

Online IQ Testing in the Age of Cybersecurity

Dec 10, 2025 By SecuritySenses In SecuritySenses
As more psychological and cognitive assessments move online, questions about data security, privacy, and trust have become just as important as test accuracy. From personality tests to intelligence assessments, users are increasingly cautious about where they enter personal information and how that data is handled.
Read Post
Hybrid Work Risks That Start in the Office: What Companies Often Overlook

Hybrid Work Risks That Start in the Office: What Companies Often Overlook

Dec 10, 2025 By SecuritySenses In SecuritySenses
Hybrid work has become a defining part of modern business, yet many companies underestimate the extent to which risk originates in the physical workspace. Employees move between home and office with new expectations, and the environment they return to often shapes their performance more than policies do. Rooms that once supported predictable routines now carry a different emotional weight, influencing how people communicate, collaborate, and settle into their day.
Read Post
kovrr

Transforming AI Risk Awareness Into Measurable AI Governance

Dec 9, 2025 By Kovrr In Kovrr
Only a few years ago, after more than a decade of debate over how cybersecurity incidents affect the financial stability of public companies, the U.S. Securities and Exchange Commission (SEC) finally made cyber risk disclosure a formal requirement. The intent was to bring transparency and accountability to a category of risk that had long been treated as technical rather than financial. Now, albeit voluntarily, AI has entered that same conversation, but the speed of its arrival has been remarkable.
Read Post
teramind

How AWS WorkSpaces & Teramind Enhance Workforce Intelligence

Dec 9, 2025 By Teramind In Teramind
Teramind, an ISV Accelerate AWS Partner, delivers a crucial layer of visibility, security, and productivity management that highly complements the Amazon WorkSpaces Family services. This partnership ensures customers move beyond the architectural security and agility provided by AWS to gain granular control over user behavior, insider risk, and operational efficiency within their virtual desktop infrastructure (VDI).
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.