Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Netwrix: Modern Endpoint Management for Wherever Work Gets Done
In today's hybrid work environment, employees access their desktops and laptops at the office, at home, while travelling and through kiosks. Keeping everything up to date and secure can be a challenge because most tools are not designed for modern management scenarios. With the Netwrix PolicyPak platform, you can simplify management and enhance security across your hybrid or remote workforce.
Netwrix: How To Implement A CIS Hardened Build Standard
Commercial and open source system configurations generally lack all the necessary security measures needed before deploying into production. These configurations will often times have features and functionalities enabled by default, making them less secure and a prime target for today's cyber criminals. Implementing a CIS hardened build standard can help you address this issue by disabling and removing unnecessary functionalities and features, allowing your security team to proactively minimize system vulnerabilities, enhance system integrity, achieve compliance, and reduce your attack surface.
Cyberint: A Glimpse into the Dark Web
We all know that the dark web is a haven for malicious activity. This is the place where cybercriminals coordinate attacks and distribute malware and phishing kits. But do you know how these things might affect you? Join our webinar to get a glimpse into the dark web and learn how you can prepare yourself against attacks originated there! Our speaker, Jacob Silutin, one of Cyberint's top security experts, has extensive experience with the dark web from his former position at the Israeli Security Agency.
4 golden reasons for equipping your SOC with ManageEngine Log360
Cyberattacks are fast becoming a part of our daily lives. Multiple sources such as Norton Security and Forbes suggest that since the pandemic, attacks are not only increasing in number, but they are becoming more targeted and sophisticated. The attackers using Ransomware as a Service and double extortion techniques are prime examples of how sophisticated attacks are becoming these days. Norton Security states that there are more than 2,200 cyberattacks on a daily basis.
Nearly $620 Million Stolen in Major Cryptocurrency Heist
Read also: the US charges four Russian hackers, Lapsus$ leaks 70GB of Globant data, and more.
7 ways to defend against a credential stuffing attack
This blog was written by an independent guest blogger. Credential stuffing attacks essentially doubled in number between 2020 and 2021. As reported by Help Net Security, researchers detected 2,831,028,247 credential stuffing attacks between October 2020 and September 2021—growth of 98% over the previous year. Of the sectors that did experience credential stuffing during that period, gaming, digital and social media, as well as financial services experienced the greatest volume of attacks.
Egress + Spear Shield partnership
We recently caught up with Max Harper to get his view on why our partnership with Spear Shield - Cybersecurity Solutions (https://www.spearshield.co.uk) is off to a flying start 👌 We love our shared value of using great tech to meet our customers' needs!
Find out more about our products at: https://www.egress.com/products
The Next Log4Shell? Spring4Shell Hitting Waves.
A new vulnerability was found in the Spring Core module of the Spring Framework. This was discovered by a Chinese security researcher, posting a Proof-of-Concept (POC) on GitHub (Figure 1), which later was deleted. This vulnerability is a zero-day, which currently wasn’t assigned a CVE, and was dubbed by security researchers as “Spring4Shell” or “SpringShell”, after the recent vulnerability in the Log4j Java package, discovered last December, and made waves worldwide.
Common mistakes in cyber incident response planning
In this blog post, we outline some of the key errors organisations should avoid to ensure that they are ready to manage, minimise and mitigate the impact of a data breach or cyber-attack.
Spring4Shell Zero-Day Vulnerability: Information and Remediation for CVE-2022-22965
Overview The internet is abuzz with the disclosure of CVE-2022-22965, an RCE vulnerability in Spring, one of the most popular open-source frameworks for Java applications in use today. Known as “Spring4Shell” or “SpringShell”, the zero-day vulnerability has triggered widespread concern about the possibility of a wave of malicious attacks targeting vulnerable applications. Is this Log4j 2.0?