
Latest News

Avoiding downtime: modern alternatives to outdated certificate pinning practices

In today’s world, technology is quickly evolving and some practices that were once considered the gold standard are quickly becoming outdated. At Cloudflare, we stay close to industry changes to ensure that we can provide the best solutions to our customers. One practice that we’re continuing to see in use that no longer serves its original purpose is certificate pinning.

4 takeaways from A-LIGN's 2024 Compliance Benchmark Report

A compliance audit shows your customers exactly what measures you have in place to keep their data and assets safe. Given that trust is such a crucial aspect of customer relationships, the quality and efficiency of your compliance audit is more important than ever. A-LIGN, one of Vanta’s technology-enabled security and compliance partners, recently released its 2024 Compliance Benchmark Report, based on an annual survey of nearly 700 business leaders and compliance professionals.

Strengthening Cyber Resilience in the Defense Industrial Base

The Defense Industrial Base (DIB) consists of over 100,000 companies that provide materials or services to the United States Department of Defense (DoD). These companies provide products needed to defend the nation and are a critical part of the DoD supply chain. DIB companies range in size from large, well-known defense contractors, like Lockheed Martin, Boeing and Northrop Grumman, to small and medium-sized enterprises that provide specialized products and services, such as drones and military vehicles.

What is API Security for Mobile Apps? Why Is It Important?

Businesses have gone mobile-first, and with good reason—people are spending more time and more money on their phones than ever before. For instance, in 2023, an estimated 66% or 2/3rds of all online orders were made from mobile devices. And in 2024, businesses are expected to spend $402 billion on mobile advertising. Mobile apps have become the first choice for users for their online activities in banking, e-commerce, media streaming, social media, etc.

Gemini Exchange Breach Highlights Supply Chain Vulnerabilities

A recent security incident has shaken the cryptocurrency community as Gemini, a prominent US-based crypto exchange, disclosed a supply chain breach that compromised personal and banking information of thousands of customers. This breach underscores the importance of robust digital footprint analysis and brand protection strategies in the ever-evolving landscape of cybersecurity.

Nearly All Ransomware Attacks Now Include Exfiltration of Data...But Not All Are Notified

Organizations are falling victim to ransomware attacks where data is stolen, but the victim isn’t being told about it. I have a theory as to why this is happening. Many assume data is being exfiltrated as part of a ransomware attack and it’s going to be used as part of the extortion component of the attack. But according to Arctic Wolf’s The State of Cybersecurity: 2024 Trends Report, that doesn’t seem to be the case.

CVE-2024-6327: Critical RCE Vulnerability in Progress Telerik Report Server

On July 24, 2024, Progress published a knowledge base article disclosing a critical vulnerability (CVE-2024-6327) impacting Telerik Report Server, a product by Progress designed for streamlined report management within organizations. This vulnerability can lead to remote code execution (RCE) due to the deserialization of untrusted data. Arctic Wolf has not identified a publicly accessible proof of concept (PoC) exploit or active exploitation of this vulnerability. However, most notably.

The importance of campus security awareness programs: Fostering a safe learning environment

Imagine walking from the campus library to your hostel late one evening, deeply engrossed in thoughts about your upcoming exams. Suddenly, you hear footsteps behind you. It's at the alley where two students were attacked a few weeks ago, and one is still in critical condition. You sense something sinister is about to happen, and your instincts kick in. Your muscles tighten, your hair stands on end, and adrenaline is released to prepare you for flight or fight. This scenario and the primal responses involved can be unpleasant and unsettling, justifying the need for campus security awareness programs in today's educational landscape.

Common Challenges in Legacy Database Migration Projects

The process of transferring data from old databases to new ones is not easy, and many things can go wrong. While companies try to take advantage of new technologies and keep the data from old platforms, they face issues of technical debt, integration, and budget. This article identifies the main challenges that organizations experience when implementing a legacy database migration project.

The Importance of Creativity in Education

Human beings' knack for creativity is an expression of their most noteworthy qualities, namely curiosity, resourcefulness, and desire to discover the unknown. In some folks, these qualities manifest during their early development years, while in others, it takes a bit longer. Nevertheless, we are all creative beings, regardless of whether we believe it or not. It requires creative flair to paint a striking portrait, invent a delicious twist to an already tasty chocolate chip ice cream recipe, or even organize a memorable birthday celebration.