Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

knowbe4

Cisco Calls Out Organizations As Being "Overconfident and Unprepared" for Cyber Attacks

Apr 16, 2024 By Stu Sjouwerman In KnowBe4
In a new report, Cisco says the cyber readiness of organizations is lacking despite having experienced multiple cyber attacks within the last year. The maturity of an organization’s state of cyber readiness may very well dictate the outcome of an attack; it’s one thing to have a bunch of solutions in place, and it’s completely another to have the right solutions, policies, practices, and plans in place to address cyber risks.
Read Post
keeper

How To Prevent Brute Force Attacks

Apr 16, 2024 By Tim Tran In Keeper
Brute force attacks are one of the most common methods used by cybercriminals to steal credentials from organizations. To prevent brute force attacks, organizations need to enforce the use of strong and unique passwords, invest in a business password manager, require employees to enable MFA, monitor and limit login attempts, implement passwordless authentication and delete inactive accounts.
Read Post
jit

A Step-by-Step Guide to Preventing Javascript Injections

Apr 16, 2024 By The Jit Team In Jit
If over 40 major banks can be the target of JavaScript injection attacks, let’s be honest – so can you. In 2023, a malware campaign using this attack method affected 50,000 user sessions across more than 40 financial institutions worldwide, leaving many dev teams in pure damage-control mode. A large number of professional developers (especially front-end developers) use JavaScript more often than any other programming language.
Read Post
knowbe4

UK Councils Under Cyber Attack: The Urgent Need for a Culture of Cybersecurity and Resilience

Apr 12, 2024 By Javvad Malik In KnowBe4
The very fabric that stitches our society together — our councils and local governing bodies — is under a silent siege from cyber attacks. The recent ransomware assault on Leicester Council is another real life cybercrime added to a growing list of attacks in the UK.
Read Post
cyberark

Understanding APIs and How Attackers Abuse Them to Steal Data

Apr 12, 2024 By John Walsh In CyberArk
Simply put, APIs (short for application programming interface) are how machines, cloud workloads, automation and other non-human entities communicate with one another. They also represent an access point to highly sensitive company data and services. Almost every organization uses these machine interfaces, and their usage is only growing because they are essential to digital transformation and automation initiatives.
Read Post
SecurityScorecard

Cyberattack at Sisense Puts Critical Infrastructure on Alert

Apr 11, 2024 By SecurityScorecard In SecurityScorecard
The cybersecurity community woke up on Thursday to news of a cyberattack on Sisense, a major business analytics software company. It’s thought that the breach may have exposed hundreds of Sisense’s customers to a supply chain attack and provided the attacker with a door into the company’s customer networks.
Read Post
securitysenses

The Future of Cybersecurity: Leveraging Breach and Attack Simulation for Proactive Defense

Apr 10, 2024 By SecuritySenses In SecuritySenses
The digital landscape is no longer a frontier; it's a full-fledged battlefield. As organizations become increasingly reliant on interconnected technologies, their attack surface expands exponentially. Firewalls and antivirus software, the traditional defense lines, are akin to medieval fortifications in the face of modern artillery. To survive in this ever-evolving warzone, organizations need a proactive approach, a way to anticipate and counter threats before they inflict damage. Enter Breach and Attack Simulation (BAS), a transformative tool poised to revolutionize the future of cybersecurity.
Read Post
Arctic Wolf

The Top 18 Healthcare Industry Cyber Attacks of the Past Decade

Apr 10, 2024 By Arctic Wolf In Arctic Wolf
10.93 million dollars USD. That’s the average cost of a healthcare breach in the U.S. It’s an alarming number that’s only continued to climb, increasing by over 53% in the past three years, according to IBM’s 2023 Cost of a Data Breach Report. In fact, the healthcare industry has had the highest average cost of a breach for 13 years running. It’s not just the costs that are climbing, either.
Read Post
komodo consulting

Having Fun with SSRF HTML to PDF Exports: A Cybersecurity Exploration

Apr 10, 2024 By Komodo Research In Komodo Consulting
PDF Exports: Hidden SSRF Risk In the realm of cybersecurity, understanding vulnerabilities is paramount to safeguarding sensitive data and maintaining the integrity of systems. One such vulnerability that often lurks in the shadows is SSRF, or Server Side Request Forgery. While SSRF vulnerabilities have been extensively discussed in various contexts, today, we're going to delve into a unique perspective – exploring SSRF vulnerabilities through the lens of HTML to PDF exports.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.