Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
How to Block/Allow Unmanaged Devices from Accessing SaaS Applications?
Are your employees accessing apps like Google Workspace, Microsoft 365, or Salesforce from personal devices? This poses a major security risk to your business! In this video, we’ll show you how miniOrange CASB (Cloud Access Security Broker) helps you block unauthorized devices, enforce device-based access control, and secure your SaaS environment — all in real-time.
How Fidelis Integrates Detection and Response for SQL-Based Exploits
SQL injection attacks remain one of the most dangerous and frequently exploited web vulnerabilities—even in today’s age of secure coding and DevSecOps. Despite widespread awareness, attackers continue to target database-driven applications using clever payloads that evade surface-level defenses. The challenge isn’t just that SQL injections still work—it’s that many organizations don’t detect them until it’s too late.
So you're buying your first SIEM... here's how not to suck at it
Welcome to the chaos. You’ve been told you need a SIEM. Maybe it was your CISO. Maybe it was your auditor. Maybe your SOC is tired of stitching together logs with duct tape and Python scripts. Doesn’t matter — you’re now on the SIEM buying journey. Congratulations… and condolences. Let’s walk through how to actually buy your first SIEM without lighting your budget (and your team’s morale) on fire.
Enhance your cloud security visibility with the updated AWS CloudTrail app
For organizations operating in the cloud, visibility is everything. You need a reliable source of truth to answer “who did what, when, and where,” whether you’re investigating a security incident, chasing compliance goals, or monitoring operational activity. Enter the Sumo Logic CloudTrail App, your go-to solution for transforming raw AWS CloudTrail logs into meaningful, actionable insights.
What is Data Loss Prevention (DLP)?
What is DLP, and why is it critical to modern cybersecurity? In this video, we break down Data Loss Prevention—also known as DLP—into simple terms. You'll learn how DLP works, what kinds of sensitive data it protects, and why organizations use it to prevent data leaks, insider threats, and accidental exposure of confidential information. Whether you're new to data security or looking to level up your InfoSec knowledge, this is the perfect starting point to understand how DLP fits into your broader cybersecurity strategy.
Arctic Wolf Observes Microsoft Direct Send Abuse
Arctic Wolf has recently observed a widespread phishing campaign targeting multiple organizations by abusing Microsoft 365’s Direct Send feature—a feature designed for internal email delivery without requiring authentication. Threat actors can identify valid domains and recipients, then send spoofed emails that appear to originate from internal domains—often impersonating the user themself—without needing credentials or access to the tenant.
New FileFix Delivery Method Used to Distribute Interlock RAT
Since at least February 2025, Arctic Wolf has observed Interlock Remote Access Trojan (RAT) being deployed via social engineering techniques. Recently, The DFIR Report published a technical analysis of the Interlock RAT being delivered via a social engineering technique dubbed “FileFix.” The name FileFix is derived from its similarity to the previously documented ClickFix technique using fake CAPTCHA pages.
Digital Factories, Digital Dangers: Why Manufacturing is a Prime Target for Cyberattacks
Digital connectivity is reshaping European manufacturing, driving both efficiency and innovation. However, this shift has also created a complex and vulnerable cyber threat landscape, making manufacturing the most targeted industry for cyberattacks for the past four years. Connected systems and legacy infrastructure are colliding, expanding the attack surface and exposing manufacturers to increased risks.
Engineered To Evade: How Phishing Attacks Are Designed To Get Through Your Secure Email Gateway
Getting through secure email gateways (SEGs) is simply the cost of doing business for a cybercriminal. Literally, detection at the perimeter by a SEG is the same as falling at the first hurdle. SEGs have been adopted broadly, especially in larger organizations (although this picture has started to change in recent years - more on that below). Even where organizations don’t use a SEG, many native controls in email platforms (like Microsoft Exchange) operate using the same principles.
How Do I Know if I Have Spyware?
Ever had your phone act like it has a mind of its own? Pop-ups? Sudden shutdowns? Your battery is draining in record time? You might be dealing with spyware. Watch this video to learn the signs of spyware and how to remove it from your device.