Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

sysdig

AWS Launches Improvements for Key Quarantine Policy

Oct 4, 2024 By Michael Clark In Sysdig
Recently, AWS expanded the scope of their AWSCompromisedKeyQuarantine policies (v2 and v3) to include new actions. This policy is used by AWS to lock down access keys that they suspect have been compromised. A common example of this process in action is when AWS automatically applies the quarantine policy to any keys found by scanning public GitHub repositories. This proactive protection mechanism can stop compromises before they happen.
Read Post
graylog

Assessing and Prioritizing Risk in Your Infrastructure

Oct 4, 2024 By The Graylog Product Team In Graylog
There are lots of hurdles to jump when trying to set up and maintain a SIEM. Preparing infrastructure and installing the software components, getting logs ingested into the system, parsing and normalizing those log messages properly, configuring alerts for detection, etc. These are all large tasks that require thoughtful planning and a lot of work to get right. But let’s say you’ve managed to clear all those hurdles…in that case, great job!!
Read Post
miniorange

ZTNA vs VPN - Whats the Best Security Solution?

Oct 4, 2024 By miniOrange In miniOrange
Work from home (WFH) remains a common practice for many businesses worldwide. This working model has enabled companies to hire top talent across borders, boost revenue, and improve employees work-life balance. A new report by Tata Consultancy Services (TCS) claims that, by 2025, 40% of employees around the world will work from home. However, this growing trend also brings about a range of cybersecurity risks that could impact businesses significantly.
Read Post
securitysenses

Securing QR Codes: Protect Against Cyber Threats

Oct 4, 2024 By SecuritySenses In SecuritySenses
QR codes have become part of daily life, enabling quick access to websites and services with a single scan. However, this convenience also makes them a major target for cybercriminals who exploit their popularity. The hidden nature of QR data can easily redirect users to malicious content or phishing sites without their knowledge. With the growing risks tied to this technology, businesses need to implement more advanced security measures. Simple practices like regularly checking code destinations and verifying source authenticity can help reduce vulnerabilities.
Read Post
securitysenses

The Importance of Security in a Hybrid Work Environment

Oct 4, 2024 By SecuritySenses In SecuritySenses
As hybrid work models become more and more prevalent among businesses, more are adopting hybrid work environments to maximize flexibility and productivity. Unfortunately, however, this creates unique security challenges which must be managed. One critical aspect of hybrid working environments is ensuring sensitive information remains safe. Since more employees work from various locations than before proper security measures - like secure file cabinet locks - must be put in place to safeguard valuable assets such as files.
Read Post
chaossearch

How to Use Log Analytics for Insider Threat Detection

Oct 3, 2024 By David Bunting In ChaosSearch
In the world of enterprise security, most teams are laser-focused on defending organizational IT assets from external actors: cybercriminals, digital fraudsters, state-backed hackers, and other external adversaries. But data on the frequency and cost of insider attacks suggests that security teams should shift their focus toward threats that originate from inside their organizations.
Read Post
Featured Post
jumpcloud

Is the Speed of AI Development Leaving UK SMEs Struggling to Plug Security Gaps?

Oct 3, 2024 By Sean Gill, Head of Sales, Europe In JumpCloud
Artificial Intelligence (AI) is perhaps one of the fastest evolving technologies in business today. For SMEs, it can be hard to keep up with these developments and sift through what's simply noise, and what will deliver tangible business benefits. As the UK data from our recent SME IT Trends report shows, embracing AI can help UK SMEs streamline operations, improve the admin and user experience, and stand out in a crowded marketplace. Without a doubt, choosing to ignore AI would be choosing to fall behind.
Read Post
knowbe4

New VPN Credential Attack Goes to Great Lengths to Obtain Access

Oct 3, 2024 By Stu Sjouwerman In KnowBe4
A new “so-phish-ticated” attack uses phone calls, social engineering, lookalike domains, and impersonated company VPN sites to gain initial access to a victim network. This is one of the most advanced initial access attacks I’ve seen. Security analysts at GuidePoint Security have published details on a new attack that tricks users into providing the attacker with credentialed access.
Read Post
knowbe4

Don't Put Real Answers Into Your Password Reset Questions

Oct 3, 2024 By Roger Grimes In KnowBe4
This recent article on how a hacker used genealogy websites to help better guess victims' password reset answers made it a great time to share a suggestion: Don’t answer password reset questions with real answers! It’s not Jeopardy! You don’t have to answer the questions correctly. In fact, you’re putting yourself at increased risk if you do. Instead, give a false question to any required password reset answer.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.