Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

jfrog

From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms

Aug 20, 2024 By Ori Hollander In JFrog
NOTE: This research was recently presented at Black Hat USA 2024, under the title “From MLOps to MLOops – Exposing the Attack Surface of Machine Learning Platforms”. The JFrog Security Research team recently dedicated its efforts to exploring the various attacks that could be mounted on open source machine learning (MLOps) platforms used inside organizational networks.
Read Post
vanta

How to set up your first security program

Aug 20, 2024 By Vanta In Vanta
There's no one size fits all when it comes to setting up your organization’s first security program. Each organization has a unique set of business needs, guardrails to implement, and data it needs to protect, which is why it’s important to remember that every security program is going to look a bit different. ‍ If you’re in the process of setting up your first security program, here are some steps I recommend you take and apply to your organization's unique needs. ‍
Read Post
netacea

How Cybercriminals Profit from Streaming Account Theft

Aug 20, 2024 By Alex McConnell In Netacea
In recent weeks we’ve covered how criminals use bots to steal accounts across the web. Credential stuffing tools make this easy and quick to do. If you missed it, watch a live demo of the process in this webinar. In this post we’ll look in more detail at what happens next. How do criminals monetize stolen accounts? To answer this, we’ll use the example of streaming services – one of the quickest and easiest commodities for crooks to shift and make a quick profit.
Read Post
WatchGuard

This New Wi-Fi Attack Can Intercept Data Traffic

Aug 20, 2024 By Kirk Jensen In WatchGuard
The growing complexity of networks and connected devices makes implementing effective cybersecurity an increasingly complicated task. While businesses have shown more awareness of the need to elevate their security posture in recent years, several fundamental cyber hygiene issues still need to be addressed.
Read Post
Rubrik

Another Case for Cyber Resilience: A Large-Scale Extortion Campaign and Best Practices for Data Security in the Cloud

Aug 20, 2024 By Drew Russell In Rubrik
Recently, a widespread cloud extortion operation—affecting 110,000 domains and involving significant financial demands—was uncovered. Unit 42, the cybersecurity research division of Palo Alto Networks, released a report this month detailing how threat actors exploited misconfigured.env files to gain unauthorized access, steal sensitive data, and demand ransoms after deleting cloud assets.
Read Post
levelblue

Securing Networks: Evaluating Hardware Firewalls

Aug 20, 2024 By Thomas Jung In LevelBlue
In today's digital world, where digital threats loom large and data breaches are a constant concern, safeguarding your business network is vital. In the collection of cybersecurity tools at your disposal, hardware firewalls are a fundamental defense mechanism for organizations. This article delves into the pros and cons of hardware firewalls, examining their importance in network security, possible disadvantages, and factors to consider when implementing them.
Read Post
cyberint

On The Hunt for Hunters Ransomware: Origins, Victimology and TTPs

Aug 20, 2024 By Adi Bleih In Cyberint
Amid the disruption of the Hive ransomware group by law enforcement agencies, Hunters International emerged onto the cyber scene in Q3 of 2023, displaying notable technical similarities with Hive, hinting at an evolutionary progression or branch-off from the dismantled group. This transition underscores the adaptive nature of cybercriminal networks, persisting in their illicit activities despite law enforcement actions.
Read Post
securitysenses

The Role of ISO 27001 in Enhancing Information Security

Aug 20, 2024 By SecuritySenses In SecuritySenses
In today's digital age, information security is paramount for organizations of all sizes and industries. Protecting sensitive data from cyber threats, unauthorized access, and other vulnerabilities is a critical concern. One of the most effective frameworks for achieving robust information security is ISO 27001. This international standard provides a comprehensive approach to managing and safeguarding information assets. This article delves into the role of ISO 27001 in enhancing information security, exploring its key principles, benefits, and implementation strategies.
Read Post
manageengine

Strengthening your defenses: Aligning Firewall Analyzer with the new PCI DSS v4.0 standards

Aug 19, 2024 By Firewall Analyzer In ManageEngine
According to IBM’s 2023 Cost of a Data Breach Report, the global average cost of a data breach is $4.45 million. This includes expenses related to detection, response, and post-breach costs. Moreover, non-compliance can result in regulatory fines. For instance, GDPR violations can lead to fines of up to €20 million or 4% of the company’s annual global turnover, whichever is higher. The challenges don’t stop there.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.