Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Archive Sidestepping: Self-Unlocking Password-Protected RAR
Trustwave SpiderLabs’ spam traps have identified an increase in threats packaged in password-protected archives with about 96% of these being spammed by the Emotet Botnet. In the first half of 2022, we identified password-protected ZIP files as the third most popular archive format used by cybercriminals to conceal malware.
Blockchain as a Service (BaaS)
A key share of growing technology is blockchain. Blockchain technology permits entities to share information quickly and firmly while not compromising on security. The engineering blockchain has hit the marketplaces everywhere nowadays. And it’s because blockchain has many applications that deliver higher output and reliability than the traditional network. Now that many businesses have begun to experiment with the blockchain, a full new sort of marketplace is developed.
Beyond BEC: How Modern Phishing Has Evolved Past Email
Business email compromise (BEC) is big business for malicious actors. According to the 2021 FBI Internet Crime Report, BEC was responsible for nearly $2.4 billion in cyber crime losses in 2021. At its root, it’s a type of phishing attack. And with the rise of smartphones and tablets, attackers are expanding well beyond email. They now leverage other platforms such as SMS messages, messaging apps like Signal and WhatsApp, and social media apps to target and compromise their targets.
SaaS Data Loss Prevention: What is it and Why is it Important?
With the rise of cloud-based applications, data loss prevention (DLP) has become an increasingly important part of information security. DLP refers to the policies and technologies used to prevent sensitive data from being lost or stolen. In the context of SaaS, this can include both the security measures implemented by the SaaS provider and the steps taken by the customer to protect their data.
Making Sense of Zero Trust Through the Lens of Networking and Infrastructure
“Zero trust” still confuses people—and for good reason. While the term conveys a certain absolute authority (“zero,” “nope,” “nothing”), contemporary approaches offer much more nuanced capabilities. And while zero trust today is typically associated with security initiatives, the concepts have their origin in the definition of network perimeters, who is granted access, and how that access is provided.
Handle Terraform Cloud infrastructure requests automatically with Tines
Tines is pleased to have joined the Terraform Cloud Run Tasks ecosystem. Tines helps DevOps teams better leverage the generally available Terraform Cloud run tasks pre-plan by enabling them to approve and record infrastructure requests from Terraform Cloud automatically.
The Nightmare of Delayed Updates
The Awarewolf's operating system is in need of an update, which reminds him of one particular unsolved case. Some time ago, on a dark and stormy night, an unlucky user felt they didn't have time to update their computer. But a series of supernatural events may have helped them change their mind...
Rubrik and GraphQL - Episode 6 - Using the Rubrik API Code Capture Extension
Now that we understand how to form and execute our GraphQL calls, many have reached out asking how to automate certain tasks that are performed within the Rubrik Security Cloud UI. In this episode, I'll introduce you to the Rubrik API Code Capture extension for Chrome. If you know how to accomplish something within the UI, the Code Capture extension will show you the exact API call you need, including the query name and formation of the payload that you are sending! It's super easy to use and can save you a ton of time digging through documentation!
What is Security Service Edge (SSE)
What is Security Service Edge (SSE)? Why are legacy security architectures no longer effective? Clear up the confusion and learn about this emerging category that helps improve user experience and security with help from Netskope's Vice President and Chief Evangelist, Bob Gilbert. Intelligent SSE from Netskope is redefining cloud, network, data security.
Cybersecurity Awareness Month: Recognize and Report Phishing
While phishing attacks are nothing new, the methods used to execute them are constantly evolving. Today, hackers are taking advantage of automation and other advanced techniques to increase the scale of phishing campaigns and better target victims. In this video, we dive into the importance of recognizing and reporting phishing attempts.