Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2024

knowbe4

Attackers Abuse Eventbrite to Send Phishing Emails

Nov 5, 2024 By Stu Sjouwerman In KnowBe4
Attackers are abusing Eventbrite’s scheduling platform to send phishing emails, according to researchers at Perception Point. These attacks increased by 900% between July and October 2024. “Perception Point researchers observed phishing emails delivered via ‘noreply@events.eventbritecom,’” the researchers write.
Read Post
teleport

Why Secure Infrastructure Access Must Evolve: Insights from Teleport's 2024 Survey

Nov 5, 2024 By Jack Pitts In Teleport
89% of organizations suffered at least one security incident in the past three years, according to The 2024 State of Secure Infrastructure Access, a new survey of 250 security and engineering leaders. The rise of cloud computing, the surge of identity-based attacks, and increasing regulatory compliance concerns have forced companies to rethink how they handle security, productivity, and compliance.
Read Post
keeper

What To Do if You Opened a Phishing PDF

Nov 5, 2024 By Ashley D'Andrea In Keeper
If you think you’ve accidentally opened a phishing PDF, it’s important to immediately disconnect your device from the internet, back up your files, run a virus scan on your device and change your passwords. Typically, you can spot a phishing attempt if an email contains urgent and threatening language, too-good-to-be-true offers, spelling and grammatical errors or requests for private information.
Read Post
keeper

Can Viruses Come From a PDF?

Nov 5, 2024 By Ashley D'Andrea In Keeper
Yes, viruses can come from a PDF by hiding in malicious code. A virus is a type of malware, which is malicious software intended to infect your device and steal private data. A virus can infect your device only if you interact with it, which could happen by opening a PDF containing a virus. Since PDFs are so widely used, hackers can hide viruses within innocent-looking files to jeopardize your privacy.
Read Post
netskope

Announcing the New Cloud Exchange 5.1.0 Update

Nov 5, 2024 By Agasthiamani Sankaran In Netskope
This blog series continues to explore a number of different workflows that those comfortable using basic scripting, or enablement tools like Postman, can employ to programmatically update and inform your inline policy actions. These are just some of the functions that the newest version of Cloud Exchange (CE), version 5.1, supports now and in the future.
Read Post
tripwire

Real Estate Fraud is Running Rampant in the US

Nov 5, 2024 By PJ Bradley In Tripwire
Real Estate Fraud is Running Rampant in the US Real estate is an area ripe for fraud and scams: transactions usually involve large sums of money, convoluted paperwork, and messaging back and forth. Criminals can use a wide variety of methods to intercept legitimate communications or launch their own scams in order to deceive their targets.
Read Post
secude

CMMC 2.0 Explained: What You Must Know For 2025

Nov 5, 2024 By Secude In SECUDE
With the final CMMC rule published, here’s a summary of everything you need to know for your CMMC Level and when. Another step closer. After more than seven years in the making, the US Department of Defense (DoD) finalized a rule establishing the Cybersecurity Maturity Model Certification (CMMC) program and outlining how it will work. The final program rule was published in the Federal Register on 15 October and will go into effect on 16 December.
Read Post
outpost 24

Operation Magnus: Analyzing the cybercrime community reaction

Nov 5, 2024 By Lidia López Sanz In Outpost 24
International cooperation has become crucial to disrupt the operations of malicious cybercrime actors. A prime example of this is ‘Operation Magnus’ which has showcased the effectiveness of global collaboration in tackling sophisticated threats. By dismantling their infrastructure and exposing key players, Operation Magnus not only delivered a significant blow to cybercriminals but also sent shockwaves throughout underground forums and dark web communities.
Read Post
vista infosec

DORA Compliance Checklist: Essential Steps for Successful Implementation

Nov 5, 2024 By Ronak Patel In VISTA InfoSec
DORA is an EU-based regulation that is going to be effective from January 17, 2025. It is a digital security framework that works alongside the General Data Protection Regulation (GDPR) to provide strong security protection to financial entities and ICT service providers from cybercrimes. Generally, every financial entity and ICT service provider inside or outside the EU that does business with the EU entities has to comply with DORA.
Read Post

The Age of AI-Powered Scams - The 443 Podcast - Episode 312

Nov 5, 2024 By WatchGuard In WatchGuard
This week on the podcast, we cover a research white paper that details how attackers could use AI to complete an entire money-theft or credential theft-scam from start to finish. Before that, we discus Sophos' 5 year battle with Chinese hackers targeting network devices followed by Microsoft's current battle with password spray attacks through compromised network devices. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
View Video
netwrix

Delete Registry Keys Using PowerShell

Nov 5, 2024 By Jonathan Blackwell In Netwrix
In Windows system administration, one of the more advanced yet important tasks that can be accomplished using PowerShell is deleting registry keys and values. This operation requires careful handling to avoid unintended consequences. Registry keys and values in Windows are critical components that store configuration settings for the operating system and installed applications. Modifying the registry can lead to system instability or even failure if not done correctly.
Read Post
salt security

API Security: The Non-Negotiable for Modern Transportation

Nov 5, 2024 By Eric Schwake In Salt Security
The transportation sector is undergoing a digital revolution, from railways to aviation and trucking. APIs are at the heart of this transformation, particularly for airlines. Airlines utilize APIs to integrate internal systems with vital services such as booking platforms, check-in services, real-time flight updates, communication with customs agencies, and baggage handling.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.