Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

July 2024

idcentral

Understanding Transaction Monitoring in Anti-Money Laundering (AML)

Jul 2, 2024 By Mohini Sahu In IDcentral
Transaction monitoring in the realm of Anti-Money Laundering (AML) is a critical process that financial institutions employ to detect and prevent illicit activities such as money laundering, terrorist financing, and fraud. As regulatory scrutiny intensifies globally, the importance of robust transaction monitoring systems cannot be overstated.
Read Post

The 443 Podcast - Episode 296 - OpenSSH regreSSHion Vulnerability

Jul 2, 2024 By WatchGuard In WatchGuard
This week on the podcast, we cover OpenSSH's recent critical vulnerability and what it means for systems administrators. Before that, we discuss the CDK Global ransomware attack impacting car dealerships across the us, a Korean internet service provider delivering malware to their customers, and a takeover of a popular JavaScript library gone hostile. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
View Video
nightfall

Nightfall Named A Leader in Data Loss Prevention (DLP) by G2

Jul 2, 2024 By The Nightfall Team In Nightfall
Nightfall has been named a Leader in Data Loss Prevention (DLP), Sensitive Data Discovery, Data Security, and Cloud Data Security in G2’s Summer ‘24 reports. We’d like to extend a huge thank you to all of Nightfall’s customers and supporters for making this possible. We’re also happy to acknowledge the Nightfall team’s tireless innovation, all in pursuit of helping customers to protect their sensitive data across the sprawling enterprise attack surface.
Read Post
sumologic

Rule tuning - supercharge Cloud SIEM for better alerts

Jul 2, 2024 By Paul Sheck In Sumo Logic
We’ve seen the movies where the character needs to get out of a jam or needs to get somewhere in a hurry, so they mash the big button of Nitrous Oxide and boom they are off! Fast and the Furious and Boss Level are the two movies that come to mind. So, how does this relate to a SIEM or SIEM rules? Sit down, buckle up, and let’s go for a ride.
Read Post

Developing in the Age of AI, with Cloudflare's Ricky Robinett

Jul 2, 2024 By Cloudflare In Cloudflare
Experience a deeper understanding of AI's transformative potential! Watch our exclusive video, 'Developing in the Age of AI,' featuring profound insights shared by Cloudflare’s Vice President of Developer Relations, Ricky Robinett. Explore the dynamic convergence of cybersecurity and AI efficacy. Share your details to unlock privileged access to this video, empowering you with the profound insights that shape the technological landscape.
View Video
Arctic Wolf

CVE-2024-6387: Critical Remote Code Execution Vulnerability in OpenSSH

Jul 2, 2024 By Andres Ramos In Arctic Wolf
On July 1, 2024, OpenSSH released fixes for CVE-2024-6387, a vulnerability in OpenSSH’s server (sshd) on glibc-based Linux systems allowing for potential Remote Code Execution (RCE). OpenSSH is a widely-used suite of secure networking tools based on the SSH protocol, providing encryption for secure communication and file transfers, and is essential for remote management on Unix systems. CVE-2024-6387 is a signal handler race condition that allows unauthenticated Remote Code Execution (RCE) as root.
Read Post
Arctic Wolf

TeamViewer Detects Compromise

Jul 2, 2024 By Andres Ramos In Arctic Wolf
On June 26, 2024, TeamViewer published a statement disclosing they detected an irregularity in TeamViewer’s internal corporate IT environment. TeamViewer is an organization that provides remote access software for devices and is extensively utilized by businesses and individuals globally. Upon detecting the incident on June 26th, TeamViewer immediately activated their response team and procedures and started investigations while implementing necessary remediation measures.
Read Post
Arctic Wolf

Polyfill Supply Chain Attack Impacts 100K+ Sites

Jul 2, 2024 By Steven Campbell In Arctic Wolf
On June 24, 2024, cybersecurity company Sansec published a security advisory detailing how an associated Polyfill domain (cdn.polyfillio) was being used to insert malicious code in scripts served to mobile end users in a web supply chain attack. Polyfill is a popular open-source JavaScript library embedded in more than 100,000 websites to provide polyfills, a small piece of code (usually JavaScript) that helps provide modern functionality on older browsers.
Read Post
boxyhq

AI Audit Logs: The Secret Weapon to Enhance Enterprise Security

Jul 2, 2024 By Sama - Carlos Samame In BoxyHQ
In the rapidly evolving landscape of artificial intelligence (AI), ensuring robust security and compliance is becoming more difficult for enterprises. AI audit logs emerge as a critical tool in this mission, offering a detailed record of all activities within AI systems. By leveraging these logs, businesses can enhance their security posture, ensure regulatory compliance, and optimize AI usage. Let's delve into how AI audit logs can serve as a secret weapon in bolstering enterprise security.
Read Post
knowbe4

Ransomware Attack on U.K. Health Service Laboratory Disrupts Major London Hospital Services

Jul 2, 2024 By Stu Sjouwerman In KnowBe4
What likely started as a quick ransomware “smash and grab” has turned into a headline case resulting in responses from both U.K. and U.S. law enforcement. Earlier this month, several larger London hospitals suddenly had no access to lab results. It turned out to be the result of a ransomware attack on laboratory partner Synnovis that crippled hospitals and health services that rely on Synnovis.
Read Post
knowbe4

Hacked Customer Support Portal Being Used to Send Phishing Emails

Jul 2, 2024 By Stu Sjouwerman In KnowBe4
A hacked customer support portal belonging to router manufacturer Mercku is being used to respond to customer queries with phishing emails, BleepingComputer reports. If a customer files a support ticket through the company’s Zendesk portal, they’ll receive an automated response that attempts to trick them into granting access to their Metamask cryptocurrency account.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.