February 2024

Troubleshooting Vulnerability Scan Failures: A Quick Guide

In the digital age, assuring the security and integrity of IT infrastructure is paramount for businesses of all sizes. Vulnerability scanning plays a crucial role in identifying weaknesses in systems and networks, and forms the backbone of any robust cybersecurity strategy. What happens, however, when this critical step fails or encounters issues?

2024's Top GRC Solutions: Finding the Best for Your Business

Implementing an effective governance, risk, and compliance (GRC) framework has become essential for businesses seeking to manage risk and assure regulatory compliance. That’s easier said than done, unfortunately. Given today’s challenging regulatory and security environments, organizations need robust GRC capabilities to align governance, risk, and compliance activities. The key is finding the right GRC platform to meet your specific GRC needs.

LockBit Takedown: Law Enforcement Disrupts Operations, but Ransomware Threats Likely to Persist

The news that US, UK, and other international law enforcement agencies disrupted LockBit is welcome, as stopping any threat group activity is always a positive. The unfortunate aspect is this blow won’t impact ransomware overall. As in the past, another group will pick up the slack, or LockBit itself will reform and get back into business.

Is it possible to shift on-premises Active Directory to the cloud with AWS Managed Microsoft Active Directory?

I’ve seen this question bouncing about in different forums for quite some time now. I haven’t seen any definitive answers because it always depends on the organization’s use of AD. Recently, I noticed something called AWS Managed Microsoft Active Directory. I must admit, six months ago I was not aware of AWS Managed Microsoft Active Directory, but when I started looking into this cloud-based AD solution, some connections started coming together.

Advantages of including an MDR service in your offering

Cyberattacks are evolving and growing more sophisticated, and organizations are reacting by scaling the cybersecurity solutions they deploy to include services that go beyond threat protection. They are increasingly realizing that other factors such as monitoring and responsiveness are key to protecting their business.

Sysdig Named Leader and Outperformer in GigaOm Radar for Container Security

Containers have revolutionized development in the cloud, allowing dev teams to work with unprecedented speed, efficiency, and scale. But securing containers at that speed and scale can be a thorny problem. The infrastructure of containers is complex and contains multiple attack vectors, and most enterprises don’t have the time or resources to secure all attack vectors for all containers.

SSO vs. Identity Federation: Optimizing Authentication for Modern Enterprises

In today's interconnected digital ecosystem, businesses are constantly seeking efficient and secure solutions to manage user authentication across multiple applications and domains. Identity Federation and Single Sign-On (SSO) stand out as two prominent approaches, each offering distinct advantages and use cases. Let's explore the differences between Identity Federation and SSO, their benefits, and how they address the evolving needs of enterprises.

CrowdStrike 2024 Global Threat Report: Adversaries Gain Speed and Stealth

The CrowdStrike Global Threat Report, now in its tenth iteration, examines how adversaries’ behavior poses an ever-expanding risk to the security of organizations’ data and infrastructure. Armed with this critical information, organizations are better equipped to face evolving threats. Stealth was the pervading theme of the 2023 threat landscape.

A Grim Outlook for Microsoft with MonikerLink and Exchange Vulnerabilities

Microsoft's Patch Tuesday updates in February 2024 include critical fixes for two zero-day vulnerabilities: CVE-2024-21413 impacting Microsoft Outlook (called MonikerLink) and CVE-2024-21410 impacting Microsoft Exchange Server. The former allows remote code execution to access and leak privileged information, while the latter permits privilege escalation (potentially using credentials leaked by the former). These security risks expose a victim's machine to potentially malicious arbitrary code execution.

#103 - A better way forward for cybersecurity with Maxime Lamothe-Brassard, Founder of LimaCharlie

In this episode of The Cybersecurity Defenders Podcast, we delve into an innovative, engineering-centered perspective on cybersecurity with Maxime Lamothe-Brassard, the Founder & CEO of LimaCharlie. As part of the Canadian Intelligence apparatus, Maxime worked in positions ranging from development of cyber defence technologies to Counter Computer Network Exploitation and Counter Intelligence. Maxime led the creation of an advanced cyber security program for the Canadian government and received several Director’s awards for his service.

QR-Code Attacks Target the C-Suite 42 Times More than Standard Employees

Attacks leveraging QR codes are kicking into high gear and becoming a common method used in phishing, according to new data from Abnormal Security. We saw a surge in QR-code based phishing attacks late last year. And new data in security vendor Abnormal Security’s H1 2024 Email Threat Report gives us some additional insight into how these attacks are being executed.

Anyone Can Be Scammed and Phished, With Examples

I recently read an article about a bright, sophisticated woman who fell victim to an unbelievable scam. By unbelievable, I mean most people reading or hearing about it could not believe it was successful. A group posing as an Amazon employee and various U.S. law enforcement agencies were able to convince a woman to take $50,000 out of her bank account in cash and hand it off to a complete stranger in the streets. It is a wild story and most of us would not be tricked into doing what happened to her.