Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

opsdemon

Latest posts

Enhancing Data Security and Privacy with Protecto's AI-Powered Tokenization

The inherently non-deterministic nature of AI inputs, processing, and outputs multiplies risks, making traditional data protection methods insufficient. In the enterprise world, unstructured data—brimming with sensitive information such as Personally Identifiable Information (PII) and Protected Health Information (PHI)—poses a significant challenge, especially as this data flows into AI agents.

Confidential computing at 1Password

At the heart of 1Password’s security model is our use of end-to-end encryption. This means that your passwords and other secrets are encrypted on your device before being sent to the cloud. Without your encryption keys (derived from your account password and Secret Key), it’s cryptographically impossible for anyone to read your data, even us at 1Password.

The Developer's Guide to the Cyber Resilience Act

In February 2024, Change Healthcare, one of the biggest IT solution companies in the U.S. healthcare system, suffered a ransomware attack that resulted in a complete shutdown of its IT systems. Because of this attack, hospitals and pharmacies experienced interruptions in patient treatments, as well as in payments, for several weeks. This is a nightmare for any software developer, security engineer or company.

Bring Your Own Device (BYOD): Pros & Cons for Businesses in 2025

Bring Your Own Device (BYOD) is becoming increasingly popular in workplaces around the world. With the trend of remote and hybrid working gaining traction and employees seeking more work flexibility, the shift to BYOD policies will be imminent in the coming years. Here is what you need to know before incorporating a BYOD policy at work.

Salt Typhoon and the T-Mobile Breach: How Chinese Hackers Targeted U.S. Telecom and Political Systems

Salt Typhoon, a Chinese state-sponsored hacking group, has emerged as one of the most significant cyber threats to U.S. critical infrastructure. Initially identified in 2020, with increased recognition of their activities in 2021, the group has been linked to high-profile cyber espionage campaigns targeting U.S. telecommunications companies.

Demystifying EU Regulations: DORA and NIS2 - What They Mean for Your Business

Ahead of the EU’s Digital Operational Resilience Act (DORA) coming into force on 17th January 2025, and on the back of the updated Network and Information Security Directive (NIS2) coming into effect from 17th October of this year, organisations across Europe are scrambling to understand what these regulations mean for them. The initial reaction from many businesses is one of concern, and understandably so: non-compliance can lead to significant penalties and reputational damage.

Web Shell Upload Via Extension Blacklist Bypass - Part 1

We explore in depth a common web security vulnerability related to file uploads and demonstrate how attackers can exploit weaknesses in file extension blacklists to upload malicious web shells. We also cover the mechanics of bypassing these security measures, including specific techniques and tools, with practical examples of how to conduct such an attack in a controlled environment, emphasizing the importance of understanding these vulnerabilities for defensive programming.