Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
ServiceNow Integrations Overview - Tanium Tech Talks #135
Customers rave about the long-standing integrations between Tanium and ServiceNow. Get an insider's overview on today's special part one cross-over episode with the guys from ServiceNow Beers with Engineers show as we discuss the benefits of these two strategic platforms better together.
Still Trusting Automated Patches Blindly? Think Again
JounQin’s npm account, the maintainer of popular packages such as eslint-config-prettier, was compromised in a phishing attack. The attackers used the breached credentials to publish six malicious versions of eslint-config-prettier, along with three additional infected packages tied to the same account. In total, the compromised packages see roughly 78 million weekly downloads. Notably, the account had publishing rights for packages with a combined weekly download count of 180 million!
Responding to ToolShell: A Microsoft SharePoint zero-day vulnerability
A newly discovered exploit, “ToolShell,” is fueling a wave of targeted attacks against on-premises Microsoft SharePoint servers. The zero-day exploit chains two vulnerabilities—CVE-2025-53770, a remote code execution (RCE) vulnerability and CVE-2025-53771, a spoofing vulnerability that allows attackers to bypass authentication. When combined, this critical zero-day vulnerability gives attackers persistent unauthenticated remote access to on-premises SharePoint servers.
From Frameworks to Defence: Using Australia's ISM and Essential Eight Strategically
Aligning with the Australian Government’s Information Security Manual (ISM) and the Essential Eight (E8) remains a foundational step for organizations working with or alongside government agencies. Trustwave’s Essential Eight Control Effectiveness Assessment is a great first step, but relying solely on compliance as a goal can leave security programs stagnant.
Building Resilience Against Modern Cyber Threats
That was the message from major UK retailers like Marks & Spencer and the Co-op during recent Parliamentary hearings on cyber resilience. Their stories weren’t hypothetical, they were recovering from real-world incidents involving identity compromise, supply chain breaches, and operational disruption that cost hundreds of millions of pounds. The lesson is clear. Prevention is necessary, but it is no longer enough.
Webinar Building Cyber Resilience
Matt Lawrence, Director of Cyber Security Operations, shared his insights on why cyber prevention is table stakes. Why cyber resilience is the goal. What happens after an attacker gets in?How do we limit the blast radius?Can we continue to operate even during a breach? Why and how you need to build cyber resilience against modern cyber threats.
The Importance of Multi-Factor Authentication
Passwords alone aren’t enough to keep your accounts safe. Multi-Factor Authentication (MFA) adds an extra layer of security – even if hackers have your password. Watch this short video to learn what MFA is, why it’s important and the best options to protect your data.
Rubrik Continuous Threat Monitoring: Explained!
Your backups should be a safety net, not a Trojan horse. If malware is hitching a ride back into your environment, you're in for a rough ride.
Setting Language Preferences
As your workforce becomes increasingly global, Egnyte makes it easy for users to configure their language preferences in both the Web UI and the Desktop App!
5 proven ways to secure your hybrid network environment during team convergence
Watch the experts edition panel discussion featuring ESG Principal Analyst John Grady and AlgoSec leaders as they explore: How security responsibility is converging across cloud and datacenter environments—and what that means for your team The top causes of cloud breaches—and how to stop them before they spread 5 proven ways to unify visibility, policy enforcement, and zero trust across hybrid multi-cloud networks How to automate security workflows without slowing down innovation Real-world insights on AI risks, agent sprawl, and tool fragmentation in a converged security world.