Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Russian Hackers Indicted for Phishing Attacks Against U.S. and Allies
The US Justice Department has indicted two individuals for launching spear phishing attacks against the US, the UK, Ukraine and various NATO member countries on behalf of the Russian government. “The indictment…alleges the conspiracy targeted current and former employees of the U.S.
CVE-2023-36553: Critical OS Command Injection Vulnerability in FortiSIEM
On November 14, 2023, FortiGuard published an advisory disclosing that a critical command injection vulnerability (CVE-2023-36553) had been patched in the latest updates for FortiSIEM. The vulnerability was rated with a Common Vulnerability Scoring System (CVSS) score of 9.3, as it can be exploited remotely by an unauthenticated threat actor using crafted API requests to execute unauthorized commands. This vulnerability is caused by improper neutralization of special elements in FortiSIEM report server.
Monitor highly regulated workloads with Datadog's FIPS-enabled Agent
Protecting sensitive data from the threat of exposure is a non-negotiable business imperative for organizations, especially those in highly regulated sectors like government and healthcare. To help organizations keep their data secure, the National Institute of Science and Technology (NIST) developed a set of requirements for the hardware and software components responsible for data encryption.
Exposed Server Headers and Cybersecurity Risk
Your web server conveys a variety of information to the client when a visitor opens your website. They can access specific policies you've set and sometimes identify what kind of software you use to run your system. Sometimes, that's okay. Other times, the information exposed in your server header can lead directly to a malicious cyber attack.
How Self-Learning AI Has Helped CARIAD Build An Automotive Software Powerhouse
CARIAD has been building one unified software platform for all Volkswagen brands to provide them with reliable software and digital best practices. In recent years, CARIAD and the rest of the automotive software sector faced extensive industry regulation and an array of dangerous and costly vulnerabilities. By introducing feedback-based fuzzing, an advanced white-box testing method that uses self-learning AI to uncover deeply hidden bugs and security vulnerabilities, CARIAD was able to find and fix potentially dangerous issues early in the development process.
Friday Flows Episode 16: Monitor Intercom with Nightfall
Monitor Intercom (or any channel like Zendesk, Slack, email, etc.) to scan messages for data leak. This Tines story can help catch sensitive information and help you stay proactive by automatically creating a case for your team to manage.
Falcon Identity Protection Unified Identity Protection for Hybrid Environments: Demo Drill Down
Today’s adversaries exploit identity weaknesses across on-premise, Microsoft Entra ID (formally known as Azure AD), and hybrid environments. CrowdStrike Falcon Identity Protection delivers complete visibility and protection across your entire hybrid identity environment.
How To Secure Your Phone
Smartphones carry our entire lives, which is why it’s important to keep them secure from cybercriminals. By following these steps, you can protect your smartphone and personal data from common cyberthreats.
Decoding Essential 8 Compliance: Tanium's Unique path to Success
From Tanium's Australian bureau, we dive into the Essential 8 baseline mitigation strategies and reveal how Tanium's unique architecture goes beyond the traditional approach of other vendors and enables organisations to overcome key challenges to help them successfully achieve automated continuous compliance.
Identity Threat Hunting: How CrowdStrike Counter Adversary Operations Is Leading the Charge
It’s 10:30 p.m. and you’re heading to bed. Unfortunately, a threat actor has your organization in their crosshairs. While you’re brushing your teeth, they’re crafting a social engineering email to pilfer your employees’ credentials. While you’re putting on your pajamas, they’re finding a path to log in. While you’re asleep, is your organization protected?