Security

IaC Scanning with ggshield - GitGuardian CLI

Jun 2, 2023 By GitGuardian In GitGuardian

How are you scanning for configuration issues in your Terraform projects? Using ggshield, the GitGuardian CLI, developers can quickly find and fix over 70 common vulnerabilities in their infrastructure as code projects.

View Video

GitGuardian

Read more about IaC Scanning with ggshield - GitGuardian CLI

Customize Your GitGuardian Remediation Workflow

Jun 2, 2023 By GitGuardian In GitGuardian

Have you ever wished you could customize the remediation workflow in your GitGuardian workspace? Now, you can! As a workspace Manager, you can manage the remediation workflow in the Secrets detection section of your settings and add up to 20 steps. You can also switch between the default GitGuardian remediation workflow and your custom remediation workflow.

View Video

GitGuardian

Read more about Customize Your GitGuardian Remediation Workflow

Automating incident Remediation with GitGuardian Playbooks

Jun 2, 2023 By GitGuardian In GitGuardian

GitGuardian can help automate your incident remediation process through our playbooks! The auto-healing playbook automates sharing the incident with the developer involved. Whenever a new incident is detected, GitGuardian automatically turns on the sharing option of the incident and, in most cases, sends an email with the unique link to the developer involved.

View Video

GitGuardian

Read more about Automating incident Remediation with GitGuardian Playbooks

SIEM and UEBA: A Match Made in Cybersecurity Heaven

Jun 2, 2023 By Logsign Team In Logsign

SIEM and UEBA are complementary solutions that can work together to provide a comprehensive view of network activity and enhance the threat detection and response capabilities of cybersecurity teams. By integrating SIEM and UEBA, organizations can benefit from.

Read Post

Logsign

Read more about SIEM and UEBA: A Match Made in Cybersecurity Heaven

I have Trust Issues and So Does My CISO How NDR can help identify issues in your ZTA

Jun 2, 2023 By Corelight In Corelight

Speakers: Matt Bromiley (SANS), Tim Nolen, Sr. Sales Engineer (Corelight), Jean Schaffer, Federal CTO (Corelight)

View Video

Corelight

Read more about I have Trust Issues and So Does My CISO How NDR can help identify issues in your ZTA

Verification and Deepfake Fraud Trends in North America

Jun 2, 2023 By Stu Sjouwerman In KnowBe4

Forced verification fraud and deepfake fraud are on the rise in the US and Canada, according to researchers at Sumsub. Pavel Goldman-Kalaydin, Sumsub’s Head of AI & ML, explains that forced verification involves bypassing biometric data checks.

Read Post

KnowBe4

Read more about Verification and Deepfake Fraud Trends in North America

Warning: Sharing Data with ChatGPT Can Be Misused Outside Your Organization

Jun 2, 2023 By Stu Sjouwerman In KnowBe4

A new study found that ChatGPT can accurately recall any sensitive information fed to it as part of a query at a later date without controls in place to protect who can retrieve it. The frenzy to take advantage of ChatGPT and other AI platforms like it has likely caused some to feed it plenty of corporate data in an effort to have the AI process and provide insightful output based on the queries received.

Read Post

KnowBe4

Read more about Warning: Sharing Data with ChatGPT Can Be Misused Outside Your Organization

CVE-2023-34362: MOVEit Transfer SQL Injection Vulnerability Actively Exploited in the Wild

Jun 2, 2023 By James Liolios In Arctic Wolf

On May 31, 2023, Progress released a security advisory warning customers of a critical zero-day vulnerability being actively exploited in MOVEit Transfer, a managed file transfer (MFT) solution. The exploitation of this vulnerability could lead to escalated privileges and potential unauthorized access to an environment, allowing threat actors to steal data and extort organizations.

Read Post

Arctic Wolf

Read more about CVE-2023-34362: MOVEit Transfer SQL Injection Vulnerability Actively Exploited in the Wild

CVE-2023-33733: RCE Vulnerability in ReportLab PDF Toolkit

Jun 2, 2023 By James Liolios In Arctic Wolf

On May 31st, 2023, a working exploit has been publicly released for a remote code execution (RCE) vulnerability (CVE-2023-33733), impacting ReportLab PDF Toolkit python libraries of versions prior to 3.6.13. The researcher of the POC has previously contacted ReportLab in April 2023, detailing this vulnerability and ReportLab has released a fix on April 27th, 2023, through ReportLab 3.6.13.

Read Post

Arctic Wolf

Read more about CVE-2023-33733: RCE Vulnerability in ReportLab PDF Toolkit

Netskope Threat Coverage: MOVEit Transfer Zero-Day

Jun 2, 2023 By Gustavo Palazolo In Netskope

A new critical zero-day vulnerability in the MOVEit Transfer software is being actively exploited by attackers to exfiltrate data from organizations. MOVEit Transfer is a managed file transfer (MFT) software, developed by Progress, designed to provide organizations a way to securely transfer files, which can be implemented on-premise or as a cloud SaaS platform. According to BleepingComputer, attackers have been actively exploiting MOVEit Transfer to download data from organizations.

Read Post

Netskope

Read more about Netskope Threat Coverage: MOVEit Transfer Zero-Day

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

IaC Scanning with ggshield - GitGuardian CLI

Customize Your GitGuardian Remediation Workflow

Automating incident Remediation with GitGuardian Playbooks

SIEM and UEBA: A Match Made in Cybersecurity Heaven

I have Trust Issues and So Does My CISO How NDR can help identify issues in your ZTA

Verification and Deepfake Fraud Trends in North America

Warning: Sharing Data with ChatGPT Can Be Misused Outside Your Organization

CVE-2023-34362: MOVEit Transfer SQL Injection Vulnerability Actively Exploited in the Wild

CVE-2023-33733: RCE Vulnerability in ReportLab PDF Toolkit

Netskope Threat Coverage: MOVEit Transfer Zero-Day

Monthly Archive

Follow Us