Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2024

riskoptics

Navigating the Future of AI Governance: A Guide to NIST AI RMF, ISO/IEC 42001, and the EU AI Act

Feb 15, 2024 By RiskOptics In RiskOptics
In the rapidly evolving landscape of artificial intelligence (AI), governance, risk, and compliance (GRC) professionals somehow need to navigate the increasingly complex challenges of trustworthy development, deployment, and monitoring of AI systems.
Read Post
armo

Beyond the noise: runtime-based vulnerability management for effective threat control

Feb 15, 2024 By Yossi Ben Naim In ARMO
In an ideal world, patching every vulnerability before attackers discover them would be a breeze. The reality of the evolving cloud-native landscape, with its ever-changing mix of cloud, DevOps, mobile, and critical infrastructure, paints a different picture. New risks emerge constantly, leaving traditional vulnerability management approaches struggling to keep up. Meanwhile, Security and DevOps teams face ongoing pressure to protect their organizations from vulnerabilities.
Read Post
knowbe4

Iran-Aligned Threat Actor "CharmingCypress" Launches Spear Phishing Attacks

Feb 15, 2024 By Stu Sjouwerman In KnowBe4
Researchers at Volexity warn that the suspected Iranian threat actor CharmingCypress (also known as “Charming Kitten” or “APT42”) has been launching spear phishing attacks against Middle Eastern policy experts. “Throughout 2023, Volexity observed a wide range of spear-phishing activity conducted by CharmingCypress,” the researchers write.
Read Post
knowbe4

Over Half of Malware Downloads Originate from SaaS Apps

Feb 15, 2024 By Stu Sjouwerman In KnowBe4
As the popularity of SaaS apps continues to grow, security analysts expect the misuse of such apps as the host for malware downloads to continue to rise through 2024. I’ve provided plenty of examples on this blog of threat actors using cloud-based SaaS applications to host impersonated websites and malicious downloads. The credibility of such sites aids the cybercriminal, as traffic to and from reputable sites have a tendency to get past security solutions.
Read Post
Trustwave

Lessons to be Learned: Attacks on Higher Education Proliferate

Feb 15, 2024 By Trustwave In Trustwave
Trustwave SpiderLabs is wrapping up a multi-month investigation into the threats facing the education sector, across higher education, primary and secondary schools. Trustwave will post the 2024 Education Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies report on February 22, but here are a couple of early findings along with a round-up of some of the higher-profile attacks on education targets that have taken place in the last year.
Read Post
idstrong

National Vascular Care Provider Confirms Cyber Attack; 348k Exposures

Feb 15, 2024 By Steven In IDStrong
Azura Vascular Care operates a national network of health and wellness centers. They specialize in minimally invasive procedures and strive to treat vascular conditions in comfortable, out-patient settings. They offer healthcare in 25 states with multiple facilities and specialized teams. At the end of last year (2023), Azura discovered a threat actor within their network environment; officials removed the threat, but not before the criminals obtained 348k patient records.
Read Post
splunk

Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard

Feb 15, 2024 By Mauricio Velazco In Splunk
On January 19, Microsoft issued an advisory disclosing a cybersecurity incident targeting their M365 tenants and attributing the attack to Midnight Blizzard, a state-sponsored actor also known as Nobelium and APT29. Following this, on January 24, the Microsoft team expanded on the initial announcement with a comprehensive blog post providing more insights about the attack and outlining specific tactics, techniques and procedures leveraged by the threat actor.
Read Post

A Door in Apple's Walled Garden - The 443 Podcast

Feb 15, 2024 By WatchGuard In WatchGuard
This week on #the443podcast, Corey Nachreiner and Marc Laliberte covered Apple’s recent announcement describing how they will comply with the European Union’s new Digital Markets Act and what that means for the iPhone walled garden. Before that, they covered a data breach at Mercedes Benz thanks to an alternative authentication method. Additionally, we cover the roundup of vulnerabilities in Ivanti’s remote Policy Secure and Connect Secure products and how organizations should respond.
View Video
keeper

Authenticator App vs SMS Authentication: Which Is Safer?

Feb 15, 2024 By Tim Tran In Keeper
Multi-Factor Authentication (MFA) has become a cybersecurity necessity for protecting online accounts. It ensures that only authorized users can access an account. However, when picking an MFA method, some options are more secure than others. An authenticator app is safer than SMS authentication because it generates 2FA codes locally, which prevents cybercriminals from intercepting the codes as they can with SMS.
Read Post
Rubrik

Rubrik Unwrapped: How We Lit Up FY 2024 All Year Long

Feb 15, 2024 By Andres Botero In Rubrik
Safeguarding data in today’s cyber landscape is no small feat. And with data growing at an explosive rate, more than 65 percent of IT and security leaders surveyed believe their organization’s current data growth is outpacing their ability to secure this data and manage risk, as found in the latest Rubrik Zero Labs State of Data Security report.
Read Post
graylog

Tyk Gateway API Calls To Graylog API Security

Feb 15, 2024 By The Graylog Team In Graylog
Application Programming Interfaces (APIs) are the backbone of modern software development, enabling seamless communication between various systems and services. As organizations increasingly rely on APIs to power their applications and services, the need for robust API management and monitoring solutions becomes paramount. Capturing API calls and gaining insights into their behavior can significantly enhance the development, troubleshooting, and security of APIs.
Read Post
Arctic Wolf

Understanding Identity Threat Detection and Response

Feb 15, 2024 By Arctic Wolf In Arctic Wolf
When it comes to modern systems and networks, identities are the new perimeter. Long gone are the days of singular office-bound systems with a set server room and endpoints that stayed on desks. With the rise of hybrid work models, cloud computing, and rapid digitization in industries like healthcare and manufacturing, it’s a user’s identity that holds increasing power over a network’s function and security.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.