Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Microsoft Integration for a secure mobile workforce
The demand for secure remote worker solutions has dramatically grown and corporations are trying to provide secure access to business data while preserving user privacy on their personal devices. Leveraging the new Microsoft Endpoint Manager App Protection with Lookout capability, organizations can provide secure access to O365 and Teams apps, related data, and user credentials from a user’s personal mobile devices.
Where does mobile fit into security frameworks
Hear how mobile fits into guidance provided by organizations like NIST and CIS, how that affects compliance and security policies, and why it should matter to organizations everywhere. Join Tim Lemaster and Hank Schless as they chat about this and answered questions about how smartphones and tablets fit into your security strategy.
Phishing Threats in Mobile-enabled world
Your employees work differently now and the usage of primarily mobile devices opens a whole new door of vulnerabilities that organizations need to consider. Namely, phishing threats.
Enabling compliance for database access
Description: Enterprise databases hold an organization's most sensitive information and need to be protected. Beyond that, organizations must also demonstrate compliance with frameworks like FedRAMP, HIPAA, SOC2, GDPR and more for these databases. Complying with these frameworks without slowing down DBA teams is a challenge. This webinar will demonstrate how to unify access controls for connectivity, authentication, authorization, and audit for popular OSS databases Postgres, MySQL and MongoDB so you can move fast but stay secure.
Moving fast, and meeting HIPAA compliance with Teleport
How Dylan Statmat of https://www.verticalchange.com/ uses Teleport to obtain HIPAA compliance.
How to Keep Your Cloud Infrastructure Secure and Compliant
In a world of hyperscale public clouds, dynamically provisioned environments, distributed teams and remote work, how can you reliably secure access to your infrastructure and satisfy compliance requirements without slowing down your development teams? Gus Luxton discusses the essential elements of secure infrastructure access and how you can implement best practices in your environment. Speaker: Gus Luxton.
CVE-2020-0696 - Microsoft Outlook Security Feature Bypass Vulnerability
During an investigation of a malware campaign, I discovered that multiple emails were bypassing a specific email security system. Interestingly, there were no bypass techniques used. Instead, the flood of spear-phishing emails made the email security system allow some of the emails, at which point I began my research on Microsoft Outlook. The issue in this case was that the specially crafted malicious link parsing on the security system was weak.
Adopt user analytics to accelerate security investigations
Machine data analytics is the process of parsing data generated by software from a wide variety of sources including servers, networks, applications and financial records. These, and many other similar sources, produce massive amounts of data including from local operating systems, identity/access management tools, cloud consoles and their associated log files, alerts, scripts and profiles.
Steps to Stay Ahead of Risks and Protect Data Privacy
Technology has advanced our world in countless ways. Every day we bank, shop, conduct business and exchange photos and messages with family and friends online. While digital devices and services offer great convenience, they also pose risks to our data and privacy as the separation between our offline and online lives converges. Data Privacy Week, spanning January 24-28, serves as an important reminder of the importance of protecting our privacy and safeguarding personal information.
Dark Overlord collaborator imprisoned for trading stolen identities
A Canadian man has been handed a three year prison sentence after being found guilty of buying and selling over 1700 stolen identities on a dark web marketplace. 29-year-old Slava Dmitriev, who went by the online handle of “GoldenAce”, bought and sold individuals’ personal private information, including social security numbers, on the AlphaBay dark web marketplace in 2016 and 2017.