Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
opsdemon
Latest posts
Managed security service providers should stay skeptical
It wasn’t too many years ago that only large-scale organizations and enterprises were compelled to worry about cybersecurity. They were the primary targets for malicious actors, and so they seemed to be the only ones thinking about defense. But just like most things, that has completely changed. Small and medium-sized businesses are just as vulnerable to cyberattacks. Without the size and resources to bring security in-house, most turn to managed security service providers (MSSPs) for help.
Privileged Access Management Use Cases
There are several use cases for a Privileged Access Management (PAM) solution, including secure remote access, credential management and least-privilege access enforcement. PAM helps organizations manage the access of authorized accounts to highly sensitive data, including IT departments, HR or staff who handle payroll systems. Continue reading to learn more about the different use cases for PAM and why you should choose KeeperPAM as your PAM solution.
Edge Device Botnet Compromise
A recent joint threat advisory from the FBI, CNMF, NSA (18 September 2024), highlights the extent of Chinese-affiliated threat actors’ ongoing botnet campaigns which seek to compromise thousands of internet-connected edge devices over a sustained period. This campaign, known as Oriole, is just one of several such active campaigns observed since 2020. JUMPSEC observations indicate that law enforcement has not yet disrupted the botnet, and indicators of compromise (IOCs) are likely ongoing.
Cato CTRL Threat Research: ProKYC Selling Deepfake Tool for Account Fraud Attacks
Cato CTRL security researchers have recently discovered a threat actor, ProKYC, selling a deepfake tool in the cybercriminal underground that helps threat actors beat two-factor authentication (2FA) for conducting account fraud attacks. The tool being sold is customized to target cryptocurrency exchanges—specifically ones that authenticate new users leveraging a government-issued document and by enabling the computer’s camera to perform facial recognition.
The Rise and fall of Raccoon Infostealer: Inside a Global Cybercrime Operation
In the ever-evolving landscape of cybercrime, malware-as-a-service (MaaS) has emerged as a lucrative business for cybercriminals. One of the most notorious examples is Raccoon Infostealer, malware designed to harvest personal and financial information from unsuspecting victims worldwide. The mastermind behind this operation, a Ukrainian national named Mark Sokolovsky, recently pleaded guilty in a U.S. federal court to his role in the cybercrime network.
Protecting Your Business from Data Breaches and Cybercrime
In today’s digital age, companies across various sectors are increasingly vulnerable to cyber attacks. Among the most alarming tactics cybercriminals use is leveraging stolen data to launch targeted attacks on businesses. With this data in hand, attackers can craft sophisticated schemes to exploit vulnerabilities and cause serious harm to companies. Let's dive into the methods cybercriminals employ using stolen data and how it affects businesses like yours.
S3 Storage For DevOps Backups
Choosing S3 storage like AWS, Google Cloud, or Azure Blob Storage is a strategic choice. Especially as data volumes grow fast and disaster recovery strategies require more focus. Such an investment may reduce operational overhead and optimize costs. Then, new technical and economic perspectives follow. 99% of IT decision-makers state they have a backup strategy. And yet, 26% of them couldn’t fully restore their data when recovering from backups (according to a survey of Apricorn from 2022).
What Is a Modern Breach and How Can It Be Prevented?
In the modern world, data is a precious asset. That means malicious actors will go to great lengths to get their hands on your organization’s information — and if that information is in the cloud, it’s especially vulnerable to those outside forces. You likely have some cybersecurity measures in place, but are you prepared for modern breaches that use constantly evolving tactics to exploit vulnerabilities and gain access?
Remote Access Security: 5 Best Practices for Remote Workers
Remote and hybrid workplaces are here to stay. In August 2023, 20% of U.S. employees worked from home at least once. By 2025, more than 36 million U.S. employees will work remotely, up from 19 million in 2019. That’s good news for employers who want the widest talent pool and employees who want to do their best work from anywhere. However, it’s also potentially good news for cyber criminals, who can exploit remote access policies to compromise cloud data.
Tines for governance, risk, and compliance: Mastering GRC with workflow automation and orchestration
Unlock the secrets to staying ahead in the ever-evolving world of governance, risk, and compliance (GRC) in our upcoming webinar. In this webinar, we will share an overview of the current GRC landscape and the transformative potential of workflow automation and orchestration. During the webinar, we discussed: Whether you're a seasoned GRC professional or just beginning to explore workflow automation and orchestration, this webinar offers essential insights and actionable strategies to help you navigate the complexities of GRC in today's dynamic environment.