opsdemon

Latest posts

Privacy and confidentiality: what is the difference? | TrustTalks - Ep 3 | Security and GRC Podcast

Are you confused about the difference between privacy and confidentiality? Don’t worry, you’re not alone. While these terms are often used interchangeably, they actually have distinct meanings. In this podcast, we will explore the nuances of privacy and confidentiality, helping you understand their significance and how they relate to each other. Privacy refers to the right to maintain control over your personal information. It involves the ability to keep certain details about your life, preferences, and activities private and secure.

Beyond Traditional Security: Addressing the API Security Gap

Let’s be honest: APIs are the unsung heroes of the modern business world. They work silently behind the scenes, connecting applications, driving innovations, and ensuring your digital transformation stays on track. However, there’s a crucial downside: APIs can pose a significant security risk. They can be likened to unlocked doors leading to your sensitive data and essential business functions—an ideal target for hackers.

Humans vs AI: Building a Security Culture That Actually Works with Noora Ahmed-Moshe

As AI reshapes cybersecurity threats, understanding how scams are evolving has never been more critical. Welcome to Razorwire. I'm Jim, and today I'm talking with Noora Ahmed-Moshe, VP of Strategy and Operations at Hoxhunt. We'll explore how AI is transforming cybersecurity threats and what that means for protecting ourselves and our organisations.

The Vendor's Survival Guide to Security Questionnaires | TrustTalks Ep 5 | Security and GRC Podcast

Seeking a solution that streamlines vendor risk management and automates security questionnaires? Imagine a tool that offers a comprehensive portal, securely shares information, uses AI to handle responses, and frees up your evenings. It might sound too good to be true, but with TrustShare, it’s a reality. Forget the hassle of maintaining a knowledge base or configuring tools meant for RFPs. TrustShare takes care of everything, from AI-driven responses to seamless information sharing, which leads to faster sales cycles.

75% of Black Friday Spam Emails Are Scams

Three out of four Black Friday-themed spam emails are scams, according to researchers at Bitdefender. Most of these scams are targeting users in the US and Europe. “This year, 77% of all Black Friday-themed spam (by volume) analyzed by Bitdefender’s Antispam Lab team was classified as scams, while only 22% was identified as marketing lures—emails designed to drive traffic to legitimate but overly aggressive promotions,” the researchers write.

CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution

On November 20th, 2024, Zero Day Initiative (ZDI) researchers disclosed a critical flaw in 7-Zip, a widely used open-source file archiving tool. The flaw enables remote actors to perform remote code execution (RCE) on vulnerable 7-Zip versions. This vulnerability was originally discovered earlier this year and was reported to 7-Zip in June 2024.

What Is Penetration Testing?

Penetration testing, also referred to as pen testing, is a simulation of a cyber attack that organizations conduct to identify security vulnerabilities within their systems. By finding weaknesses through a simulated cyber attack, organizations can pinpoint areas that need improvement before a cybercriminal can exploit them. Penetration testing helps organizations address issues in their systems to prevent unauthorized access, meet compliance requirements and minimize the risk of phishing attacks.