Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

CrowdStrike

CrowdStrike Named a Leader in IDC MarketScape for Worldwide MDR

Apr 29, 2024 By Austin Murphy In CrowdStrike
The #1 global managed detection and response (MDR) provider and pioneer continues to dominate. Today, CrowdStrike was named a Leader in the 2024 IDC MarketScape: Worldwide Managed Detection and Response 2024 Vendor Assessment1 among the 19 vendors evaluated in the report. CrowdStrike was also recently named a Leader in Frost & Sullivan’s 2024 Frost Radar: Managed Detection and Response. The global demand for MDR continues to surge as businesses face a harsh reality.
Read Post
bluevoyant

Enhancing Cybersecurity with BlueVoyant's AI Technology for Emerging Vulnerabilities

Apr 29, 2024 By George Aquila In BlueVoyant
After a new zero-day vulnerability is announced, the National Vulnerability Database (NVD) publishes a measure of its severity under the Common Vulnerability Scoring System (CVSS). CVSS scores are a crucial tool for organizations as they give an approximation of the severity of disclosed vulnerabilities.
Read Post
alienvault

Enhancing Financial Security Through Behavioral Biometrics

Apr 29, 2024 By Devin Morrissey In AT&T Cybersecurity
The evolution of tech necessitates stronger cybersecurity. Financial information is appealing to hackers trying to steal identities and commit fraud. These bad actors are evolving with tech to figure out ways to bypass the increasingly robust cybersecurity measures.
Read Post
keeper

What Are Zero Standing Privileges?

Apr 29, 2024 By Tim Tran In Keeper
Zero Standing Privileges (ZSP) is a Privileged Access Management (PAM) strategy in which organizations limit access to sensitive data by removing all permanent user access. It requires users to request specific access to resources needed to complete a task. However, instead of granting users continuous access, ZSP will grant them temporary access until the task is complete.
Read Post
Arctic Wolf

Critical Authentication Bypass Vulnerability in Delinea Secret Server Disclosed Along With PoC

Apr 28, 2024 By Andres Ramos In Arctic Wolf
On April 12, 2024, Delinea issued an advisory to address a critical authentication bypass vulnerability identified in the SOAP API component of its Secret Server product, available in both Cloud and On-Premises solutions. A threat actor could exploit this vulnerability to bypass authentication, gain administrative access, and extract sensitive information.
Read Post
Arctic Wolf

Cisco Duo Third-Party Compromise

Apr 28, 2024 By Andres Ramos In Arctic Wolf
On April 16, 2024, Cisco Duo informed affected customers of a breach involving their SMS and VOIP multi-factor authentication (MFA) service provider. The breach occurred on April 1st due to a phishing attack, allowing unauthorized access to the provider’s systems, including SMS and VoIP MFA message logs for specific Duo accounts between March 1st and March 31st, 2024. Though the threat actor accessed message logs, they did not obtain message content.
Read Post
Featured Post
ThreatQuotient

How threat intelligence can improve vulnerability management outcomes

Apr 27, 2024 By Chris Jacob, Global Vice President, Threat Intelligence Engineers In ThreatQuotient
It might surprise you to know that more than 70 new vulnerabilities are published every day. And despite their risk-reducing value in helping SOC teams address these, vulnerability management solutions have drawbacks. Often, they only provide a snapshot of an organization's vulnerabilities at a point in time. In fact, owing to their nature, vulnerabilities identified today may not exist tomorrow, or they may appear and disappear intermittently. This leaves security teams scrambling to understand not only what the risk is, but how it affects them and where they should start first with any remediation.
Read Post
Spectral

7 Steps to ensure compliance with the CJIS security policy

Apr 27, 2024 By Eyal Katz In Spectral
A high-profile case hangs in the balance. Suddenly, court systems are paralyzed. Evidence is locked away, replaced by a ransom demand. Every law enforcement agency’s nightmare is alarmingly common – 96% of organizations were hit by ransomware in the past year, according to Cisco’s 2023 report. Exposed API keys, forgotten cloud configurations, outdated systems – these seemingly small vulnerabilities are the entry points relentless cybercriminals exploit.
Read Post
securitysenses

Top HIPAA Compliant Fax Services: Ensuring Secure Healthcare Communication

Apr 26, 2024 By SecuritySenses In SecuritySenses
When it comes to transmitting sensitive patient data, faxing must be secure and compliant under HIPAA regulations. But what does a 'hipaa compliant fax' service entail? Without delay, this article gets to the heart of HIPAA fax compliance, detailing the necessary security measures, the severe risks of non-compliance, and how to identify credible fax services that uphold these regulations. Discover the components and benefits of dependable HIPAA compliant fax solutions that protect patient data and uphold the integrity of healthcare providers.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.