Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
New PCI Regulations Indicate the Need for AppSec Throughout the SDLC
The PCI Security Standards Council (SSC) is a global organization that aims to protect payment transactions and consumer data by developing standards and services for payment software vendors that drive education, awareness, and implementation. Since payment software is constantly changing, the SSC is constantly evolving and adapting its standards to ensure that vulnerabilities and cyberattacks are minimized.
N-Day Vulnerabilities: How They Threaten Your ICS Systems' Security
In the last quarter of 2019, researchers at ClearSky uncovered an attack operation that they dubbed the “Fox Kitten Campaign.” Iranian actors used this offensive to gain persistent access into the networks of dozens of companies operating in Israel and around the world across the IT, telecommunication, oil and gas, aviation, government and security sectors. These individuals were successful in their efforts because they employed a variety of attack vectors.
Introduction to Kubernetes Networking
A step-by-step eBook covering everything you need to know to confidently approach Kubernetes networking, starting with basic networking concepts, all the way through to advanced Kubernetes networking with eBPF.
Ordell Robbie, Tripwire and Security Configuration Management.
Is this Jackie Brown or is it Tripwire? The reality is, it’s both. This is a powerful scene in Jackie Brown because it illustrates what Tripwire is all about in making sure that a golden image can be maintained via secure configuration management. But how would you know if it was changed?
SIEM Tutorial: What should a good SIEM Provider do for you?
Modern day Security Information and Event Management (SIEM) tooling enterprise security technology combine systems together for a comprehensive view of IT security. This can be tricky, so we’ve put together a simple SIEM tutorial to help you understand what a great SIEM provider will do for you. A SIEM’s responsibility is to collect, store, analyze, investigate and report on log and other data for incident response, forensics and regulatory compliance purposes.
The Spectrum of Mobile Risk
The time has come for enterprise risk management to change. Mobile devices have become core to our personal and professional lives, yet most enterprises remain focused on traditional PC endpoints. Although many of the same elements of risk that affect PCs also apply to mobile endpoints, simply extending current PC security controls to your mobile fleet is ineffective. Enterprise risk management needs to evolve to address mobile risks, and security professionals must architect mobile-specific security.
Why proactive mobile app defense is a must-have for financial services
Consumer financial institutions are in the midst of a digital transformation that includes moving traditional face-to-face customer interactions to mobile devices. Forty-three percent of people who own a mobile device and have a bank account use mobile banking, according to a Federal Reserve study titled, "Consumers and Mobile Financial Services." Mobile banking creates unprecedented conveniences for customers, such as mobile check deposits, near-instant person-to-person transfers, and access to personal financial accounts in real time.
Detecting Ryuk Using Splunk Attack Range
Cybersecurity Infrastructure Security Agency (CISA) released Alert (AA20-302A) on October 28th called “Ransomware Activity Targeting the Healthcare and Public Health Sector.” This alert details TTPs associated with ongoing and possible imminent attacks against the Healthcare sector, and is a joint advisory in coordination with other U.S. Government agencies.
Ryuk and Splunk Detections
Several weeks ago, my good friend Katie Nickels (Director of Intelligence at Red Canary extraordinaire) and I were chatting about Ransomware. She was super interested and passionate about some new uses of a ransomware variant named “Ryuk” (first detected in 2018 and named after a manga/anime character) [1]. I was, to be honest, much less interested. It turns out, as usual, Katie was right; this was a big deal (although as you will see, I’m right too… still dull stuff!).
What is Smishing? SMS phishing explained
SMS phishing, or “Smishing,” is a mobile phishing attack that targets victims via the SMS messaging channel rather than through email. A natural evolution of the phishing phenomenon, smishing attacks attempt to dupe mobile users with phony text messages containing links to legitimate looking, but fraudulent, sites. These smishing sites try to steal credentials, propagate mobile malware, or perpetrate fraud.