Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Featured Post
bluevoyant

The Role of Cyber Security in Building Supply Chain Resilience and Efficiency

Oct 16, 2024 By Lorri Janssen-Anessi, Director of External Cyber Assessments In BlueVoyant
The COVID-19 pandemic exposed significant vulnerabilities in global supply chains. With technology companies scrambling to respond to unprecedented disruptions, it became clear that traditional supply chain models were no longer sufficient. When we look back on the supply chain crisis before and during the pandemic, it is easy to identify the areas of improvement because we now have so much more information and the benefit of hindsight, but during the crisis, it was extremely challenging to find immediate ad-hoc solutions, which clearly illuminated a lack of contingency planning.
Read Post
Spectral

A Step-by-Step Guide to Performing a Secure Code Review

Oct 16, 2024 By Eyal Katz In Spectral
We’ve all been there—staring at code, hoping no hidden traps are waiting to cause chaos down the line. That’s where secure code reviews come in. Think of them as your last chance to catch those pesky bugs and vulnerabilities before they wreak havoc. And here’s a little reality check—those cutting-edge LLMs? They suggest insecure code 30% of the time. So, even with AI on our side, we still need to stay sharp.
Read Post
cycognito

Emerging Security Issue: Multiple Palo Alto Networks Expedition PAN-OS Firewalls Vulnerabilities

Oct 16, 2024 By Emma Zaballos In CyCognito
On October 9th, 2024, five vulnerabilities were disclosed by Palo Alto Networks: These vulnerabilities affect Palo Alto Networks Expedition, a tool that manages configuration migration from supported vendors to Palo Alto Networks systems.
Read Post
ekran

Data Protection and Regulatory Compliance in the Insurance Industry

Oct 16, 2024 By Ekran In Ekran
Insurance companies handle vast amounts of sensitive customer data such as personal information, financial records, and health details. As such, they must comply with strict data protection requirements. Failure to comply with these regulations can result in severe penalties, reputational damage, and loss of customer trust. In this article, you’ll learn about the best data protection practices for the insurance industry.
Read Post
SecurityScorecard

Complete Third-Party Risk Management Guide for 2025

Oct 16, 2024 By SecurityScorecard In SecurityScorecard
Third-party risk management (TPRM) is the structured process of identifying, assessing, and mitigating risks posed by external vendors, suppliers, and service providers. These risks can include cyber threats, data breaches, regulatory violations, and financial instability, all of which can severely impact your organization’s security and compliance posture.
Read Post
WatchGuard

Tips to protect hotels from cyberattacks

Oct 16, 2024 By The Editor In WatchGuard
In today’s digital age, the hospitality industry faces unique cybersecurity challenges that can significantly impact both guest experience and business operations. With the increasing reliance on technology for reservations, payments, and guest services, hotels, restaurants, and other establishments must prioritize robust cybersecurity measures. Here’s a closer look at the importance of cybersecurity in hospitality and strategies to enhance protection.
Read Post
cycognito

Emerging Security Issue: Fortinet FortiOS CVE-2024-23113

Oct 16, 2024 By Emma Zaballos In CyCognito
CVE-2024-23113 is a critical (9.8) Fortinet FortiOS vulnerability allowing remote, unauthenticated attackers to execute arbitrary code or commands using specially crafted requests. The flaw uses an externally-controlled format string vulnerability in the FortiOS fgfmd daemon.
Read Post
trilio

OpenShift Virtualization Backup and Restore with Trilio in AWS ROSA Baremetal

Oct 16, 2024 By Rodolfo Casas In Trilio
Virtual machines (VMs) running on cloud-native platforms like OpenShift Virtualization require robust backup and recovery solutions to avoid downtime and data loss. However, many organizations struggle with the complexities of backing up VMs in hybrid and multi-cloud environments, especially when managing infrastructure at scale.
Read Post
keeper

Can Google Ads Be Scams?

Oct 16, 2024 By Ashley D'Andrea In Keeper
Yes, it is possible for Google Ads to be scams. According to the 2023 Google Ads Safety Report, Google successfully blocked and removed over five billion fake ads and suspended almost 13 million advertiser accounts. Even though fake Google Ads are prohibited by Google’s policies, many phony ads go undetected if no one reports them, which could lead to you falling for their scams.
Read Post
cycognito

Emerging Security Issue: Multiple CUPS Vulnerabilities

Oct 16, 2024 By Emma Zaballos In CyCognito
On September 26, 2024, four critical vulnerabilities, CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177, were disclosed in the open-source printing system Common Unix Printing System (CUPS) and its components. Attackers can leverage the remote code execution (RCE) and input validation vulnerabilities as part of an attack chain.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.