Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Understanding DocumentDB's Network Security Trade-Offs: The VPC Challenge
AWS DocumentDB by default is securely isolated within a VPC, unreachable from the public internet, what could be more secure? This security architecture can create unexpected challenges and complexity. The root cause? The very VPC isolation designed to protect DocumentDB can introduce a complex web of networking requirements, operational considerations, and architectural decisions that require careful management to maintain security.
Warning: New Phishing Campaign Targets Instagram Users
A phishing campaign is targeting Instagram users with phony notifications about failed login attempts, according to researchers at Malwarebytes. Notably, the emails contain "mailto" links rather than traditional URLs, which help the phishing messages avoid being flagged by security filters. "Instead of linking to a phishing website, which is most common with emails like this, both the ‘Report this user’ and ‘Remove your email address’ links are mailto links," the researchers write.
ClickFix Social Engineering is Becoming More Popular
ClickFix attacks have been around for decades; only the name is new. ClickFix attacks use social engineering to trick users into clicking on buttons and links that the user is told are needed so their browser or computer can perform some desired action.
Introducing Netskope One Copilot for Private Access
Any organization that’s undergone a security transformation knows the promise of zero trust network access (ZTNA): secure, least-privilege access to private applications, anywhere, on any device. But turning that promise into operational reality is often far from simple. Between fragmented tools, complex configurations, and sprawling environments, implementing ZTNA can quickly become a manual, time-consuming, and error-prone process.
Beyond LLMs: The Strategic Need for MCP Security
Large language models (LLMs) are transforming enterprise operations, but their growing use introduces a critical security challenge: securing how they access sensitive data and integrate with existing tools. This is where Model Context Protocol (MCP) servers become a vital, yet often overlooked, part of AI security. These servers act as the crucial link, enabling LLMs to securely connect with diverse data sources and tools, significantly expanding attack surfaces that demand our immediate attention.
DORA Penetration Testing: What CTOs and CISOs Need to Know
The Digital Operational Resilience Act (DORA) is the EU’s response to the increasing operational risks posed by an interconnected financial system. It’s about more than cybersecurity; it’s about proving that financial institutions can keep critical services running through disruption. That’s where DORA penetration testing fits in. It shifts testing from a technical task to a strategic control, one that connects technology, risk, and business continuity.
Content Marketing Is the Key to Sustainable Business Growth
Content marketing is no longer just a buzzword; it has become a core business strategy. As consumer behavior shifts and digital platforms continue to evolve, brands must find authentic ways to connect with their audiences. Instead of relying solely on hard-sell tactics, content marketing offers valuable information that meets the needs of potential customers. This approach helps build trust, strengthen brand authority, and promote long-term engagement. For companies focused on scaling, content becomes more than just a tactic; it serves as the engine behind sustainable growth.
How to Navigate Compliance Challenges with NetSuite ERP Systems
Having compliance nightmares in your business? You are not alone, and one of the biggest challenges organizations face is not being able to juggle between different regulations from one jurisdiction to another. In fact...
SquareX Researchers Reaffirms their Browser Security Thought Leadership with Multiple Vulnerability Disclosures in Key Black Hat and DEF CON 33 Talks
SquareX will be disclosing multiple key research findings at Black Hat USA and DEF CON 2025 this August. Through multiple talks, the researchers will be revealing critical architectural vulnerabilities in passkey authentication systems, enterprise DLP and browser extensions.
Early Bird Registration Now Open for The Inaugural OpenSSL Conference 2025
Early Bird registration is now available for the inaugural OpenSSL Conference, scheduled for October 7-9, 2025, in Prague. The event will bring together leading voices in cryptography, secure systems, and open-source infrastructure. Early registrants can save up to $240 per ticket.