Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
API Attack Awareness: When Authentication Fails - Exposing APIs to Risk
Authentication issues seem like low-level attacks. But authentication today – especially API authentication – can be more difficult than people expect. Companies rely on APIs to carry sensitive information every day. If access to those APIs is not properly secured, all the sophisticated security solutions companies use to protect their data elsewhere are completely undermined.
Why Traditional Security Fails Against AI and Headless Systems
A10 Networks security expert Jamison Utter breaks down the astonishing reality of modern internet traffic: over half of all traffic carriers' processes are no longer human—they're from headless systems, such as bots, crawlers, and AI.
Snyk Named a Leader in the 2025 Gartner Magic Quadrant for Application Security Testing
We’re thrilled to announce that Snyk has been recognized as a Leader in the 2025 Gartner Magic Quadrant for Application Security Testing (AST)! This recognition, based on our vision and ability to execute, validates our core mission: to empower developers to build securely from the start while giving security teams complete visibility and comprehensive controls.
Understanding the Colt Attack
As Jaguar Land Rover (JLR) announces a return to operations after a six-week disruption, a lengthier, less publicised UK-based cyber-attack recovery remains unresolved. Perhaps the relative quiet is because Colt Technology Services, a critical connectivity and trading network serving major banks and stock exchanges in ~30 countries, is not a household name like JLR, Co-Op, or M&S. Or perhaps it’s because the narrative doesn’t fit the now-expected Scattered Spider storyline.
Intel Chat: RediShell, Cisco 0-day, AI voice cloning, Brickstorm & teen hackers arrested [256]
Intel Chat - Episode 256: RediShell, Cisco 0-day, AI voice cloning, Brickstorm & teen hackers arrested A podcast about cybersecurity and the people that keep the internet safe. New episodes drop weekly. Chris and Matt dive into critical vulnerabilities, sophisticated threat actors, and emerging attack vectors. From a 13-year-old Redis vulnerability with active exploitation to China-linked espionage targeting infrastructure blind spots, this episode covers some of the most significant security developments impacting organizations today.
A CISO's Guide to the DoW's New CSRMC Framework
The Department of War’s (DoW) new Cybersecurity Risk Management Construct (CSRMC) marks a watershed moment for cyber defense. This move confirms that static, checklist-based security is obsolete. To defend against modern threats, organizations must adopt the continuous and proactive posture management approach experts have been recommending for years.
How Arctic Wolf's Custom Dashboards Enhance Visibility
In this demo, explore how the Arctic Wolf unified portal provides visibility into your aggregated security data while also providing flexible visualizations and reporting through custom dashboards.
Stop Living-off-the-Land Attacks with Falcon Endpoint Security: Demo Drill Down
Modern adversaries have shifted away from traditional malware toward weaponizing legitimate tools like RMM software, Windows utilities, and administrative programs. These "living-off-the-land" attacks blend seamlessly into normal business operations, making them extremely difficult to detect with traditional security tools.
CISA Emergency Directive 2503: What It Means for Cisco ASA and Firepower Devices
CISA Emergency Directive 25‑03 mandates that federal civilian executive branch (FCEB) agencies immediately identify and mitigate vulnerabilities in Cisco ASA and Firepower devices. The vulnerabilities, which affect SSL VPN components, can be exploited by attackers to gain unauthorized access and pivot across networks. CISA’s actions are based on observed exploit activity in the wild and the critical role these devices play in public sector infrastructure.
VM Backup Gets Cloud-Native: How Spectro Cloud and CloudCasa Make It Actually Work
For years, backing up virtual machines has been a necessary evil — a dull, repetitive chore hidden deep inside IT maintenance schedules. It’s the sort of thing that keeps enterprise workloads safe but rarely excites anyone. You’d spin up VMs, configure snapshots, cross your fingers before a restore, and hope that your “incremental forever” backup didn’t quietly break somewhere along the way. But lately, something has started to shift.