Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Elastic: Discovering today's threat landscape: The 2025 Elastic Global Threat Report
Our annual Elastic Global Threat Report provides valuable insights and top adversary trends based on the past year's unique telemetry gathered from hundreds of millions of events. Hosted by experts and industry veterans, this webinar dives into the major findings from the 2025 Elastic Global Threat Report. With proprietary insights into topics on adversary tactics and defender strategies, this webinar is a must-attend to see the trajectory of today's AI-era threat landscape and learn how you can best prepare for the future.
What Moral Injury Really Feels Like
Sometimes in cybersecurity, there are no good choices - or you’re not allowed to make the right one. When professionals are forced into decisions that go against their values, it leaves a lasting mark. This is moral injury, and it’s more common than you think.#CyberSecurity.
ShaiHulud worm and the Nx / S1ngularity attacks: How-to use JIT Access to Stop the Chain Reaction
The Shai‑Hulud worm and the Nx / S1ngularity attacks show how token‑stealing malware, vulnerable workflows, and always‑on elevated permissions allow cascading compromise. Enforcing JIT access on repository, organization owner/admin roles, and team‑based inherited permissions sharply reduces exposure, limits damage, and strengthens audit/compliance posture.
How CISOs Apply Zero Trust Thinking to Credential Harvesting Prevention
A customer opens their bank’s login page. At least, that’s what they think. The design is flawless, the fields are familiar. But it’s a cloned site built to harvest credentials. Within seconds, their details are replayed against the genuine portal. To the bank’s defenses, it looks like business as usual – same username, same password, same MFA prompt. This is the reality of credential harvesting, one of the most common precursors to account takeover.
How to Set Up AD Password Expiration Notification for Your Organization
Learn how to set up AD password expiration notifications, avoid lockouts, reduce helpdesk calls, and improve compliance with automated reminders.
How Does Fidelis NDR Use Machine Learning to Detect Threats Earlier and Respond Faster?
You face more signals than your SOC can triage and more lateral movement than your legacy rules can see. Signature-only controls miss new techniques, while manual triage slows response. The gap between “alert created” and “incident contained” widens when you can’t separate real risk from noise. Adversaries exploit encrypted channels, low-and-slow exfiltration, and living-off-the-land tools that look like normal activity. Missed weak signals become major incidents.
Is CMMC Still Needed if You Have a QMS or ISMS?
CMMC is a strict and difficult standard to meet, which leads a lot of companies to wonder: how necessary is it, really? After all, CMMC is not alone in the world of security and compliance. There are a lot of other frameworks, both within the United States (like FedRAMP) or internationally (like ISO 27001). Companies that meet other compliance standards and have systems in place, like an ISMS or a QMS, might wonder: Is CMMC still required?
Securing Your Software Supply Chain with Veracode: Protect Against Attacks Proactively
In today's escalating landscape of software supply chain attacks, enterprises are facing infiltration from malicious open-source libraries and compromised components. Join us in this solution brief video as we dive into Veracode's comprehensive Application Risk Management Platform, designed to detect, prevent, and inform on vulnerabilities at their source.
The Network Detection & Response (NDR) platform trusted by top cybersecurity teams
Proven in the world’s most demanding environments, Corelight’s Open NDR Platform illuminates network blind spots and uncovers hidden threats to disrupt attacks before they escalate. Get unified visibility, multi-layered AI-driven threat detections, AI-powered triage workflows, and industry-leading forensic capabilities in one unified platform. Elite defense, now within reach of the enterprise.