Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
You Don't Have to Fall for the "Tinder Swindler" to Get Cheated this Valentine's Day
The “Tinder Swindler” is an extreme example of how online scammers can mask their identity, charm their victims and bilk them of millions of dollars, but the point is made. Whether you’re looking for love this Valentine’s Day or wanting to show your loved ones how much you appreciate them, beware of online scams. Some of the latest involve gift cards, where scammers who have honed their craft and done their homework about you, ask for payment in the form of gift cards.
Understanding Broken Authentication and Session Management
This video is all about understanding broken authentication and session management. You'll learn the difference between HTTP and HTTPS, what it means to "authenticate" a user, how sessions work, and much more!#brokenauthentication #sessionmanagement Cyphere is a UK-based cyber security services provider helping organisations to secure their most prized assets. We provide technical risk assessment (pen testing/ethical hacking) and managed security services. This advice is a true third party opinion, free from any vendor inclinations or reselling objectives.
Enhancing PCI compliance security with SAST and SCA
The Payment Card Industry Data Security Standard, also known as PCI DSS is a thorough process that reviews a company’s systems and policies for handling and storage of sensitive consumer cardholder data.
How to Use the Snyk CLI to Fix Vulnerabilities in Your Application: The Big Fix
Brian Vermeer, Developer Advocate at Snyk, demonstrates how you can use the Snyk CLI to fix vulnerabilities in your application. Join us for The Big Fix, an event that brings developers and security practitioners round the world to find and fix vulnerabilities. Let's make the Internet a safer and better place than before!
Five Critically Important Facts About npm Package Security
In 2021, the WhiteSource Diffend automated malware detection platform detected and reported more than 1,200 malicious npm packages that were responsible for stealing credentials and crypto, as well as for running botnets and collecting host information from machines on which they were installed.
Arctic Wolf's Canadian Survey Reveals 2022 Cybersecurity Challenges
Late last year, The Canadian Center for Cyber Security published an in-depth threat bulletin declaring it had knowledge of 235 ransomware incidents against Canadian victims from in 2021, with more than half of these victims being critical infrastructure providers. The report also explains that most ransomware events remain unreported to the Center, and—based on past findings—once targeted, ransomware victims are often attacked multiple times.
3 Ways to take your Third- and Fourth-Party Risk Management to the Next Level with Automatic Vendor Detection
Vendors are a key part of every business and, therefore, every organization’s security. Yet, one of the biggest challenges for security and third-party risk management teams is tracking down their vendors. It’s no wonder that 65% of organizations don’t know which third parties have access to their most sensitive data. On top of that, vendor risk management teams need to worry about who their vendors’ vendors are – namely their fourth parties.
How to meet OMB's Zero Trust Strategy goals for IT, IoT and OT Devices
On Jan. 26, the Office of Management and Budget (OMB) published its widely anticipated final version of its zero trust architecture strategy, identifying top cybersecurity priorities for the federal government. This achievement raises the country’s cyber defense strategy to a level commensurate with the “increasingly sophisticated and persistent threat campaigns” it faces.
What is CHECK and CREST penetration testing?
CHECK and CREST are two separate accreditations approved for use by the National Cyber Security Centre (NCSC), and the Council of Registered Ethical Security Testers (CREST). CHECK, which is an abbreviation of IT Health Check Service, is an NCSC initiative for protecting government and public sector systems in line with government policy.
Identity Access Management (IAM) Automation - Intro to Torq Webinar
Security teams are struggling to keep up with the increasing number of attack surfaces and the demands on remediating those attack surfaces in real-time. Security automation is the key to unlocking your security team’s productive potential, but traditional SOAR platforms (Security Orchestration, Automation, and Response) are complex and can take months of development to implement your first automation response sequence.