Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Splunk Assist: Cloud-Powered Insights Just for You, at Your Fingertips
Have you been worried about whether your deployment is secure? Are you tired of keeping track of all security vulnerabilities and vendor-provided patches to ensure that your exposure to such vulnerabilities is minimized? What about making sure that the certificates for your hundreds of forwarders, indexers, search heads and other Splunk connectors are not expired? You’re not alone!
#BigPictureCyber Town Hall With Malcolm Harkins, Epiphany Systems | 7/14/22 | NeoSystems
NeoSystems #BigPictureCyber Town Hall Series: Join NeoSystems’ Chief Information Security Officer, Ed Bassett, for our weekly #BigPictureCyber Town Hall designed for the Defense Industrial Base and GovCon community. Each session features special guests and offers an opportunity for attendees to ask questions regarding CMMC and cybersecurity. Topics covered include CMMC compliance requirements, cybersecurity news, how to prepare for CMMC certification, and the latest updates from the CMMC AB.
Kintent Announces Support for ISO 9001
Becoming ISO 9001 compliant can be difficult. It requires those who are seeking it to be open to change, and to be able to commit to their new Quality Management System (QMS) processes and controls. Additionally, having to continuously stay compliant with the QMS can add a lot of pressure. But… the payoff is worth it.
Beware of Phishing Scams! Protecting Your Business Against Cyber Scams - SafeAeon INC
Phishing scams – or email fraud are as old as the email itself. The scams are all attempts to get you to volunteer your personal information to criminals or install malware on your computer or mobile device.
A practical approach to Active Directory Domain Services, Part 8: AD attacks
How and why do attackers target an organization’s Active Directory (AD)? This blog, which is part 8 of the series A Practical approach to Active Directory Domain Services, will provide you with the answers. In this part, we will examine what attackers gain by compromising the AD setup. We will also look at some of the most noted means by which AD is compromised. There are two main sections to this blog.
Sponsored Post
How Your Business Can Benefit from Cyber Threat Intelligence
As a CIO, you know that your business faces cyber threats daily. While you may have robust security measures in place, it's impossible to protect your organization from every possible attack. That's where cyber threat intelligence comes in. By incorporating this valuable resource into your security strategy, you can dramatically reduce your risk of a breach.
GhostSec Raising the Bar
In June 2022, Cyberint observed a new hacktivist campaign targeting multiple Israeli organizations and enterprises coordinated via different social media platforms. The campaign is led by hacktivists originating in a group called GhostSec. GhostSec was first identified in 2015 and was initially founded to attack ISIS in the cyber realm as part of the fight against Islamic extremism.
How startup culture is creating a dangerous security gap in new companies
This is the first part of a three-blog series on startup security. Software vulnerabilities are the bane of every security team. A newly discovered vulnerability can turn a crucial software product into a ticking timebomb waiting to be exploited. Security practitioners and IT teams tasked with protecting their organizations must identify and mitigate a constant stream of new vulnerabilities before their presence results in a breach.
Scammers Bypassed MFA and Attacked 10,000 Organizations
Read also: Hacker stole 23 million Mangatoon accounts, Uniswap users were robbed of $8 million worth of Ethereum, and more.
10,000 organisations targeted by phishing attack that bypasses multi-factor authentication
Microsoft has shared details of a widespread phishing campaign that not only attempted to steal the passwords of targeted organisations, but was also capable of circumventing multi-factor authentication (MFA) defences. The attackers used AiTM (Attacker-in-The-Middle) reverse-proxy sites to pose as Office 365 login pages which requested MFA codes, and then use them to log into the genuine site.