Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
How to Manage Digital Gifting in B2B With a Compliant Gift Card API
Modern businesses face mounting pressure to strengthen relationships with employees, clients, and partners through meaningful rewards. Traditional gifting methods create logistical nightmares, compliance headaches, and budget overruns that drain resources. Companies need solutions that streamline reward distribution while meeting strict regulatory requirements. Digital gifting platforms offer the answer, but only when backed by robust API infrastructure that ensures security, compliance, and seamless integration with existing business systems.
Vanta Raises $150M Series D to Power the Future of AI-Driven Trust
Funding to accelerate AI innovation and expansion into new markets including third party risk and government compliance.
How to Make Security an Enabler Rather Than a Blocker for Engineering ft Jayesh Singh Chauhan
In today's fast-paced tech environment, cybersecurity has become an integral part of software development. Join Jayesh Singh Chauhan, Founder of Cloudurance Security and former CISO at CoinSwitch, in this insightful fireside chat hosted by The 403 Circle, powered by Astra Security, as we explore practical strategies to seamlessly integrate cybersecurity into engineering without compromising speed. In this webinar, we discuss.
Spider in the works
From the passing Telegraph and Guardian coverage to orchestrated BBC and NCSC collaboration, the British media is repeatedly spotlighting Scattered Spider as 2025’s stimulant to jolt organisations into action. While this coverage has dislodged two blatant misconceptions, it has propagated several more subtle ones.
CVE-2025-53770: A Critical SharePoint RCE Threat Exploited in the Wild
A newly disclosed vulnerability, CVE-2025-53770, has sent shockwaves through the enterprise IT and cybersecurity community. Affecting on-premises Microsoft SharePoint Server, this critical flaw enables unauthenticated remote code execution (RCE) through insecure deserialization of untrusted data. With a CVSS v3.1 score of 9.8, it represents one of the most severe threats to SharePoint deployments in recent years.
CTI Roundup: BlackSuit, AsyncRAT, HazyBeacon
BlackSuit ransomware combines data exfiltration and encryption, AsyncRAT spawns multiple forks, and HazyBeacon abuses AWS Lambda for command and control.
What Makes an Asset Risk Assessment Effective in a Threat-Driven World?
Industry experts with over a decade of cybersecurity experience recognize that the old ways of doing risk assessment just don’t work anymore. You know what I mean? Those quarterly checklists and vulnerability scans that made us feel secure? They’re practically useless against today’s threats. Think about it. While you’re running your scheduled scan, attackers are already inside your network, mapping everything out.
In-the-wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies
Two critical zero-day vulnerabilities in the Microsoft SharePoint Server environment, CVE-2025-53770 (9.8 CVSS score) and CVE-2025-53771 (6.5 CVSS score), are being actively exploited by threat actors to compromise vulnerable on-premises SharePoint servers. The two new vulnerabilities are part of a complex attack chain dubbed “ToolShell”, which grants threat actors access to unpatched SharePoint servers’ content and the ability to execute code over the network.
AI is cybersecurity's biggest threat
It’s also its greatest defense The biggest threat in our rapidly evolving cybersecurity landscape is artificial intelligence (AI).1 It’s also our greatest defense. Cybersecurity is a high-stakes game where everything is on the line and decisions have to be made fast. For years, cybersecurity strategy has been about increasing visibility to make informed decisions from vast amounts of data.
Why Most Businesses Fail at GDPR & How you can win
60% of companies think they’re GDPR-compliant… but they’re not. And when the audits or complaints hit, it’s already too late. The average GDPR fine so far has exceeded €1.5 million for large corporations, with smaller businesses also facing substantial penalties. Nearly 70% of companies lack a comprehensive data inventory, leaving them vulnerable. Only 50% of organizations have a formal breach response plan in place.