Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Ultimate Guide to ISO 27001's Cryptographic Controls
Ask anyone on the outside of information security what the most important part of the industry is, and you’ll get a lot of different answers, but among them will be cryptography. Using strong encryption to hide information where it can’t be accessed without the proper authorization makes a lot of sense, and the idea of strong cryptography has saturated popular culture.
Zero-Day Vulnerabilities in September 2025
In September 2025, AppTrana detected 789 zero-days and blocked every single one. Explore the full report to see how complete coverage looks.
SafeBreach
The Only Exposure Validation Platform with Enterprise Expertise Get BAS and CART in one platform that is built to exceed enterprise safety requirements and is backed by a world-renowned research team you won’t find anywhere else. SafeBreach Validate: An award-winning BAS tool designed to utilize the TTPs of malicious actors to test the efficacy of deployed security controls against real-world threats to help you.
Veracode Crowned a Leader in the Q3 2025 Forrester Wave for SAST
Discover why Veracode was named a leader in the Q3 2025 Forrester Wave report on Static Application Security Testing (SAST) solutions. Key Highlights from the Report: Unmatched Detection Power: Spot vulnerabilities with precision and virtually zero false positives, keeping your code clean and secure. Developer-First Fixes: Say goodbye to workflow disruptions with Veracode Fix – automated remediation in IDEs and pull requests that lets devs fix issues on the fly.
Cl0p Exploits Critical Oracle E-Business Suite Zero-Day (CVE-2025-61882)
In October 2025, a critical zero-day vulnerability was disclosed in Oracle E-Business Suite (EBS), tracked as CVE202561882, which allows unauthenticated remote code execution (RCE). This vulneraility affects versions 12.2.3 through 12.2.14 and has already been actively exploited in the wild by the Cl0p ransomware group and potentially other threat actors.
CVE-2025-61882: Oracle E-Business Suite Under Mass Exploitation by Cl0p Ransomware
A critical CVE-2025-61882 Oracle E-Business Suite vulnerability is under active exploitation by the Cl0p ransomware group. This unauthenticated remote-code-execution (RCE) vulnerability — CVE-2025-61882 — in Oracle E-Business Suite (EBS) was patched by Oracle in October 2025 and is being actively exploited in the wild. Multiple security vendors attribute attacks to Cl0p/associated ransomware extortion campaigns and Oracle has published an emergency Security Alert.
Build the SOC of the Future with Splunk and Cisco
I’m not one to blog, but speaking with clients, peers, and colleagues, I often hear statements like “SIEM is dead” or “this is the SOC of the future.” So what do they really mean? Honestly, I’m not entirely sure either — there are so many conflicting viewpoints and ways of addressing this.
CrowdStrike Named a Visionary in 2025 Gartner Magic Quadrant for Security Information and Event Management
We are thrilled to announce that CrowdStrike Falcon Next-Gen SIEM has been named a Visionary in the 2025 Gartner Magic Quadrant for Security Information and Event Management (SIEM). Falcon Next-Gen SIEM is reimagining SIEM with AI, real-time data, and a unified platform approach, delivering the automation, speed, and control to transform SOC operations and power the agentic SOC.
Overview of Teleport Identity Security
In complex environments, identity risk often hides in plain sight - inherited permissions, over-privileged accounts, and scattered audit logs across systems. Teleport Identity Security is a Teleport product that unifies data across systems and provides the tooling to view and investigate access risks faster.