Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
How to Write the Executive Summary of a Cybersecurity Report
Let’s face it, information technology experts are usually not enthusiastic writers. So when it comes to creating an executive report, cybersecurity staff aren’t exactly pushing each other over to get this exciting writing task complete. Instead, it keeps getting delayed, day by day, until the night before its submission. Many get stuck on the executive summary section, obsessing over its perfection.
Interview with Co-founder and Chief Scientist, Kurt Rohloff
For the newest instalment in our series of interviews asking leading technology specialists about their achievements in their field, we’ve welcomed Kurt Rohloff, Co-founder and Chief Scientist, of Duality. Prof. Rohloff is the founding architect of the PALISADE open-source homomorphic encryption library and co-founder of the HomomorphicEncryption.org industry consortium.
One Click Hijack: TikTok Android App Users at Risk?
Amidst the havoc that has been data breaches, another one bites the dust! Microsoft on Wednesday disclosed that they had found a high-severity flaw in the Android version of the TikTok app that gives the hackers a free way to hijack a user's accounts with One SINGLE click. The issue had apparently been reported to Tiktok back in February and was quickly fixed before it could be exploited.
The Quiet Victories and False Promises of Machine Learning in Security
Contrary to what you might have read on the Internet, machine learning (ML) is not magic pixie dust. It’s a broad collection of statistical techniques that allows us to train a computer to estimate an answer to a question even when we haven’t explicitly coded the correct answer into the program.
How Colleges & Universities Can Prevent Data Leaks
Data leaks occur when organizations fail to implement proper cybersecurity measures, causing sensitive data and other personally identifiable information (PII) to be exposed to the public. In most cases, data leaks occur due to internal human errors, an oversight by the IT committee, or a lack of strong security practices.
Secretless, Identity-based Infrastructure Access
Passwords are everywhere. Sometimes they are obvious — hardcoded in the code or laying flat in the file, but other times they take the form of API keys, tokens, cookies, or even second factors. Devs pass them in environment variables, vaults mount them on disk, teams share them over links, and copy them to CI/CD systems and code linters. Eventually, someone leaks, intercepts, or steals them. Because they pose a security risk, there is no other way to say it: passwords in our infrastructure have to go.
Recent Phishing Attack Highlights How Hacks Are Changing
Hackers are getting smarter, and phishing is becoming more sophisticated. Most employees know that when an email comes in from a random address, rife with misspellings, and credentials or other private data demands, it’s absolutely a phishing scam. But what if, as an employee, you got a text to update your Okta credentials? What if the link took you to a domain that looked just like your Okta login?
Cybersecurity Challenges in the Metaverse: How to Keep Your Assets Safe
Imagine you are chilling over coffee with your co-workers in a break room. The deadline for the launch of your newest product is imminent and you are discussing last-minute design modifications. Digital images of the product float by as your AI assistant suggests the best potential design modifications. Together, you and your team choose the final product design and are ready for the next step in the launch. Virtual high fives ensue.
The Importance of Physical Security | Arctic Wolf
Physical security breaches by social engineers can be catastrophic for your organization's data. Join Special Agent Cipher to learn about the types of social engineering tactics used by bad actors, along with strategies to keep your organization out of harm's way.
Response to the Enduring Security Framework (ESF) Guide for Developers
At Snyk we invented developer-first security. We believe involving developers in the practice of security is key to building and running modern applications. This is exactly why the recent publication, Recommended Practices Guide for Developers by the The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) piqued our interest.