Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Trustwave: Attack Surface Management: Challenges, Myths, and Solutions
In today's highly connected and digitized world, cyber threats are becoming more sophisticated and persistent. As a result, organizations need to adopt a proactive and strategic approach to security to protect their assets and reduce their risk of cyberattacks. Attack surface management is a key strategy designed to help businesses identify and mitigate potential vulnerabilities and exposures. By taking a contextual view of threats and focusing on understanding what's exposed, organizations can develop a process for determining and reducing risk.
Elastic: Data security practices for security leaders: building trust, transparency, and accountability
Data security is not only a technical issue, but also a social one. How we protect and use data can have profound impacts on inclusion, diversity, and equity in society. In this webinar, we will explore how data security can foster a culture of trust, transparency, and accountability among data holders and users, and how it can empower individuals and communities to exercise their data privacy and security rights. We will also discuss the challenges and opportunities of implementing data security practices that are aligned with the values and needs of diverse stakeholders. Join us for an engaging and informative session on how data security can create a more inclusive, diverse, and equitable society.
Featured Post
Exploiting ancient vulnerabilities: How did the 3CX supply chain attack occur and what can we learn from it?
On March 29th, North-Korean linked threat-actors targeted 3CX, a VoIP IPX developer, exploiting a 10-year-old vulnerability (CVE-2013-3900) that made executables appear to be legitimately signed by Microsoft when, in fact, they were being used to distribute malware. The 3CX attack is just the latest in a series of high-profile supply chain attacks over the past year. The SolarWinds attack compromised the Orion system, affecting thousands of organizations, and the Kaseya VSA attack that was used to deliver REvil ransomware also to thousands of organizations and is considered one of the largest security breaches of the 21st century.
Top tips: 8 ways to secure your mobile phones from cyberthreats
Mobile phones have become an indispensable tool in all our lives. Ensuring their security and protecting sensitive information becomes paramount, especially when you have all your work-related apps and data synced. Every 39 seconds, a new assault occurs on the internet, and 24,000 malicious mobile apps are typically blocked everyday.
Venom Control-RAT With a Sting
As the cybercrime industry continues to provide us with new Malware as a Service (MaaS) products, we have become used to seeing the operators advertising and developing the panels underground. Over the past year, an allegedly legitimate software company named Venom Control Software emerged, offering a Remote-Access-Tool (RAT) for “hackers and pen-testers”.
Weekly Cyber Security News 22/06/2023
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. More woe for Reddit. Which side is telling the truth? I’m sure it all be revealed in time.
How to Use the MITRE Framework to Protect Your Organization
In a recent poll we conducted, two thirds of respondents shared they were unaware of the MITRE ATT&CK Framework or were only beginning to understand what it can provide. When used correctly, MITRE ATT&CK can significantly help organizations bolster their security posture. In this blog post, we explain how security teams can leverage MITRE ATT&CK and how Cato Networks’ SASE can help.
1Password and 2FA: Is it wrong to store passwords and one-time codes together?
We introduced support for time-based one-time passwords (TOTP) way back in the dark ages of 2015.
Former RaidForums Member Databox Sentenced to 3 Years in Prison
Read also: a cybercriminal charged in connection with LockBit ransomware operation, US offers up to $10 million for info on MOVEit hackers, and more.
Take it From a Compliance Officer: Secure Networks Matter
Even before the fiasco at Silicon Valley Bank, financial institutions were under tremendous scrutiny from regulators. How could they not be? Banks are among the oldest known targets for theft, and in a digital age, the best way to extract money is going to be either straight cyber-theft from existing accounts or ransomware. IT systems that house customers’ financial data can be architected with the right security controls in place to protect that data to the highest standard.