Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Developer Roll Up: May 2023
The team at LimaCharlie continues down the path of changing the way cybersecurity tools and supporting infrastructure are delivered. Details about what has been happening for the month of May, and what is coming up, can be found below. As always, if you have any questions or concerns, please do not hesitate to contact us.
The Unseen Risks of Open Source Dependencies: The Case of an Abandoned Name
One often-overlooked risk in the bustling ecosystem of open-source software are vulnerabilities introduced through software dependencies. We mention this because today, a malicious actor took over a RubyGems package name with more than two million downloads. Mend.io technology detected the package before it could be used for an attack, but the case of ‘gemnasium-gitlab-service‘ serves as an important reminder of the risk of neglecting dependency management.
TrustCloud Product Updates: May 2023
Our team has been hard at work creating updates and new features just for you, see what we’ve been up to over the last month.
Reverse-Engineering Java and JavaScript Malware
Most malware security researchers encounter in the wild is written in C or C++. These languages provide low-level system access and control, plus performance, allowing threat actors to create highly efficient and stealthy code. But that doesn’t mean cybercriminals are limited to those two languages. SecurityScorecard recently reverse-engineered the Vjw0rm worm written in JavaScript and the Java-based STRRAT remote access trojan (RAT).
Expanding Enterprise Attack Surfaces (EAS) and the increasing importance of Identity & Access Management
In the past five years, Enterprise Attack Surfaces (EAS) have evolved significantly. EAS refer to the various entry points that cybercriminals can exploit to gain unauthorized access to an organization's digital assets. With the increasing use of cloud-based services, the proliferation of connected devices and the growing reliance on third-party vendors, attack surfaces have become broader, more numerous and more complex.
Teleport 13: Automatic agent updates, Simplified AWS setup, Light theme, and more.
Once again, it’s time for everyone’s favorite announcement: a brand new Teleport release! This release marks version 13 of Teleport and is packed with features, including a UI makeover, performance improvements, a few exciting previews, and so much more. Let’s dive in! Watch this episode recording with Ben Arent, Teleport’s Director of Developer Relations, as he discusses what’s new in Teleport 13.
Empowering Cybersecurity: The Power of Automation
Discover how AlgoSec revolutionizes cybersecurity through advanced automation. Learn how AlgoSec's cutting-edge technology streamlines security processes, optimizes policy management, and enhances threat detection and response. Unlock the full power of automation with AlgoSec to fortify your cybersecurity posture and proactively combat evolving threats. Stay one step ahead in the ever-changing landscape of cybersecurity.
Avoiding the ransomware trap
Even large, global firms with enormous IT budgets are falling victim to the latest attacks. Why? Because cybercriminals know that popular network inspection and threat intelligence solutions can't keep up with the deluge of attacks hammering at our networks daily. But there is hope! By evolving from traditional threat intelligence to ThreatOps, we can put an end to ransomware and proactively shield your business from 99% of global threats mapped by the threat intelligence community automatically.
Kroll: 2023 State of Cyber Defense: The False-Positive of Trust - Virtual Briefing
Join Kroll's cyber risk leaders in this webinar and explore key insights from 1,000 global senior IT and security decision-makers worldwide. During the session, our experts, Pierson Clair and Edward Starkie, will outline the current state of cyber defense, the levels of organizational trust and how true cyber maturity links to trust in facilitating organizations to stay ahead of the curve in a constantly evolving threat landscape.
Centripetal Expands Innovative CleanINTERNET® Technology to the Cloud
Centripetal announces the launch of CleanINTERNET® CLOUD extending protection to enterprise assets anywhere - whether on premises, remote or in the cloud. CleanINTERNET® is a revolutionary approach to defending organizations from cyber threats.