Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Assign severity ratings on Attack Surface Custom Policies
AppSec teams often struggle to either validate or scale their security policies, like enforcing security headers or removing risky technologies. This job is easier said than done, and teams are feeling the pinch. To address these challenges, we launched Attack Surface Custom Policies – a powerful feature built directly into Surface Monitoring that makes it possible to set, enforce, and scale customizable security policies so you can focus on the issues that matter most.
FIPS 140-3 Certification and Levels: FIPS 140-2 Vs 140-3
The Federal Information Processing Standard (FIPS) 140-3, is a collection of standards released by the United States government to examine cryptography modules. It explains how to design, develop, and run a cryptography module. The National Institute of Standards and Technology (NIST) and Communications Security Establishment (CSE) created FIPS 140-3 to safeguard critical, unclassified information.
CVE-2023-29343: Sysmon Local Privilege Escalation Vulnerability
In a security advisory published on May 9th, Microsoft disclosed the existence of a Local Privilege Escalation vulnerability in Sysmon (CVE-2023-29343). The vulnerability was discovered by an independent security researcher and was responsibly disclosed to Microsoft. Microsoft has released Sysmon version 14.16 to address this vulnerability.
Arctic Wolf Labs Review of Joint Cybersecurity Advisory on Russian-Backed Snake Malware
On Tuesday May 9th, 2023, CISA published a Joint Cybersecurity Advisory titled “Hunting Russian Intelligence ‘Snake’ Malware” which provided an in-depth analysis of the Russian Federal Security Services’ (FSB) Snake malware. Arctic Wolf Labs has analyzed the advisory and have summarized the content into key findings and takeaways for the security community.
Defining Your Organization's Attack Surface: The 4 Types of Attack Surfaces
Attack surfaces are a fundamental concept within information security. However, attack surfaces can be constituted of different things. For example, some formulations of an attack surface include not just software and hardware, but the people using them. In this post, we’re going to cover four common types of attack surface, discuss how you should think about the risks associated with each type, and best practices for addressing these risks.
Weekly Cybersecurity Recap May 12
Major companies have suffered serious data breaches this week, and even the city of Dallas, Texas, was hacked and damaged by data attacks that could expose a significant number of people, making it clear that everyone is at risk when it comes to identity theft and data attacks specifically. Huge mental health organizations like Brightline and Mcpherson Hospital exposed confidential patient data, and even the Metropolitan Opera House in New York City was the target of a breach attack this week.
More than 180,000 Carvin Software Customers At Risk Because of Recent Data Breach
Carvin Software is a massive company based in Gilbert, Arizona. The company creates specialized software solutions for business owners and individuals throughout the country. Carvin specializes in construction software but offers staffing solutions and other types of software services as well. A large variety of companies work with this organization, including Apple Staffing, Ace Personnel, Labor Force, and more.
Keeper for Teams and Small Business 3 Minute Demo
Introduction Keeper eliminates the pain of having to remember passwords while protecting your business from password-related data breaches and cyberthreats. Keeper stores and protects your website passwords, financial information and other sensitive documents in an encrypted vault. Keeper can generate unique, secure passwords for you that you can unlock with a single Master Password. Keeper makes it easy to login to websites without having to remember passwords ever again.
Unveiling the Ethics of Morality in AI: Who Determines What's Right? - Paul Dwyer
In this thought-provoking video, we delve into the pressing issue of ethics within AI development. Join us, Paul Dwyer and James Rees, as we explore the questionable decisions made by a small group of individuals, often young programmers in California, who dictate what is considered ethically correct in software development. We examine real-life examples, such as image search engines favoring certain races and even identifying different ethnic groups as distinct species. It's absurd that such biases persist. But the ethical concerns don't end there.