Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
npm supply chain attack targets Germany-based companies with dangerous backdoor malware
The JFrog Security research team constantly monitors the npm and PyPI ecosystems for malicious packages that may lead to widespread software supply chain attacks. Last month, we shared a widespread npm attack that targeted users of Azure npm packages. Over the past three weeks, our automated scanners have detected several malicious packages in the npm registry, all using the same payload.
Emotet: The Return of the World's Most Dangerous Malware
In our new threat briefing report, Forescout’s Vedere Labs analyzes an Emotet sample, presents a list of IoCs extracted from the analysis and discusses mitigation. Emotet is the name of both a cybercrime group and a malware loader it distributes. The group is also known as MUMMY SPIDER, while the malware is also known as Geodo or Heodo.
Can SIM Cards Get Hacked?
Yes, even basic technology like SIM cards poses the risk of getting hacked. Today, cell phones have almost become tiny supercomputers, so users must learn how to secure their mobile phones. From social engineering scams to SIM hijacking, sensitive data can easily become compromised without adequate cybersecurity awareness. Learn more about why SIM card hacking is on the rise and how you can prevent it from happening.
What is DLP (Data Loss Prevention)? - DLP Solutions from Lookout
Data loss prevention (DLP) involves a set of technologies and processes used to discover, monitor and control sensitive data. Why is it so important? Businesses use DLP to prevent data breaches and comply with regulations such as GDPR, HIPAA, PCI DSS, and others. DLP tools allow security staff and network administrators to set business rules that determine what’s sensitive while also providing insight into the use of content within an enterprise.
Centralized Log Management for Reporting Compliance to Management
It’s 3pm on a Wednesday, and you’re really just done with the week already. You hear that “ping” from your Slack and know that you set notifications for direct messages only, which means, ugh, you have to pay attention to this one. It’s your boss, and she’s telling you to check your email. Then you see it, the dreaded audit documentation request. This will take you the rest of today and most of tomorrow.
How Should Employees Be Trained for Cyber Security?
Cyber security risks have never been more apparent and costly. According to the survey data, the average cost to the U.S. organizations that experienced a cybersecurity breach in 2020 was approximately 8.64 million dollars per incident, up almost a half-million dollars from 2019. Rates of cyber security attacks and identity theft have significantly increased and seem to be only becoming easier for hackers and cybercriminals.
Announcing Keeper One-Time Share
Ever need to share a password with someone, maybe a friend, a contractor or a business associate but they don’t have a Keeper account? Keeper is pleased to announce the launch of One-Time Share, a new feature that lets Keeper users securely share records with anyone on a time-limited basis, without the recipient having to create a Keeper account.
Measures that actually Do reduce your hacking risks
Robert Bigman, former CISO of the CIA offers tried and proven hacking risk measures that are "must haves" in any organization's cybersecurity toolkit.
Prue Leith Educates the Nation on Digital Cookies
Renowned celebrity baker, Prue Leith, is helping to educate the nation on digital cookies as research shows that over a third of Brits (35%) don’t know what they actually are or what they do. The research, commissioned by Avast, revealed more than four in five (85%) of UK adults have accepted cookies on a website without reading any of the policies or making any changes, yet nearly seven in ten (68%) agree they could be risking their online privacy by doing so.
Stories from the SOC - Command and Control
Once a malicious actor has gained initial access to an internal asset, they may attempt to conduct command and control activity.