Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest posts

splunk

Threat Advisory: Telegram Crypto Botnet STRT-TA01

Aug 9, 2021 By Splunk Threat Research Team In Splunk

The Splunk Threat Research Team (STRT) has detected the resurface of a Crypto Botnet using Telegram, a widely used messaging application that can create bots and execute code remotely. The STRT has identified attacking sources from China and Iranian IP addresses specifically targeting AWS IP address space. The malicious actors behind this botnet specifically target Windows server operating systems with Remote Desktop Protocol.

Read Post
cyberint

PetitPotam - NTLM Relay Attack

Aug 8, 2021 By Cyberint Research In Cyberint
Recently published by Lionel Gilles, an offensive security researcher based in France, 'PetitPotam' is a proof-of-concept (PoC) tool used for NT LAN Manager (NTLM) relay attacks that, when executed properly, grants threat actors the ability to take over a Windows Active Directory (AD) domain, including domain controllers (DC), where Active Directory Certificate Services (ADCS) are used. Similar to classic in-the-middle (ITM) or replay attacks, PetitPotam applies similar concepts to its relay attack.
Read Post
Torq

5 Automated Anti-Phishing Protection Techniques

Aug 8, 2021 By Chris Tozzi In Torq

In an age when attackers create over a million phishing sites each month, and phishing serves as a beachhead for 95 percent of all attacks against enterprise networks, how can businesses respond? Part of the answer lies in educating users to recognize and report phishing, of course. But user education only goes so far – particularly because the same statistics cited above show that, on average, only 3 percent of users will report phishing emails.

Read Post
tripwire

Remember a Polaroid? Why This Matters and How Tripwire Keeps this Tradition Alive

Aug 8, 2021 By David Bruce In Tripwire

We’re going to talk about state versus change. For the purposes of our discussion, you need to know that Tripwire Enterprise offers something called TE Commander. Many enterprise applications lack a native command line interface. This can be a challenge if you want to automate and integrate basic operations, which is a necessary function in most enterprise IT environments.

Read Post
manageengine

Five worthy reads: The never-ending love story between cyberattacks and healthcare

Aug 6, 2021 By ManageEngine In ManageEngine

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In this edition, we’ll learn about the legacy between the healthcare industry and cyberattacks, the vulnerable points in the healthcare system, and how risks can be mitigated. Did you know that for 10th year in a row, the healthcare industry has seen the highest impact from cyberattacks of any industry?

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.