Security

What Is MAS TRM?

All financial institutions operating in Singapore are required to comply with the MAS TRM guidelines in order to operate legally. To ensure the safety of their operations, their customers, and the wider financial system, financial institutions are required to conduct regular risk assessments and implement appropriate risk management measures.

Democratized Breach Damage: The Economics Behind Ransomware

In this video, we explore the economics behind ransomware and how it has been democratized through the use of cryptocurrencies like Bitcoin. While the recent breach affecting multiple companies is concerning, the really interesting aspect is the commercial, professional cybercrime-as-a-service economy that has emerged as a result. We discuss how the ability to monetize ransomware has led to its rise and how alternative forms of payment like Amazon vouchers were used before the widespread adoption of cryptocurrencies. It's not just about the technology aspect - the economics behind ransomware are equally fascinating.

The Big Fix. OWASP TOP 10 Snyk Learn Path (Cryptography & Outdated Components)

OWASP stands for Open Web Application Security Project. This non-profit foundation works to improve software security. They have published a top 10 list that acts as an awareness document for developers. It represents a broad consensus about the most critical security risks. Our goal at Snyk Learn is to educate developers and one way we do that is by covering the OWASP top 10 list.

What is Slowloris DDoS Attack and How Does it Work?

Slowloris is a type of DDoS (Distributed Denial of Service) attack that exploits the way web servers handle incoming connections. In a Slowloris attack, the attacker sends many HTTP requests to the target web server, but unlike a regular DDoS attack, the requests are sent slowly over a long period of time. The attack sends incomplete HTTP requests to keep the connections open for as long as possible. The attacker then repeats this pattern, sending many incomplete requests to the server.

7 Battle-Tested Tips for Using a DAST Scanner

While modern web applications are growing in complexity, the threat landscape is also constantly evolving. It can be difficult for developers to identify and remediate vulnerabilities in their code, especially if they lack expertise in security. As a result, manual application security testing has become ever more challenging and intricate.

Why You Shouldn't Turn Off 2FA

You shouldn’t turn off your Two-Factor Authentication (2FA) because it removes the extra layer of security it adds to your account, making it easier for cybercriminals to compromise it. Keep on reading to learn why 2FA should be left enabled for your online accounts and why it should be added to your accounts if it isn’t already.

Cybersecurity Insights from The World Economic Forum in Davos: Part II

On the final day of the World Economic Forum, we shared SecurityScorecard’s five key cybersecurity insights based on the discussions that dominated our time in Davos, Switzerland. Several weeks later, after gathering our thoughts from everything we saw, heard, and contributed to in Davos, we’d like to expand on our cybersecurity perspectives from the Forum and provide five additional insights.

Secure your Kubernetes clusters with the Kubescape Docker extension

Container adoption in enterprises continues to grow, and Kubernetes has become the de facto standard for deploying and operating containerized applications. At the same time, security is shifting left and should be addressed earlier in the software development lifecycle (SDLC). Security has morphed from being a static gateway at the end of the development process to something that (ideally) is embedded every step of the way. This can potentially increase the effort for engineering and DevOps teams.

Fortinet Patches Critical RCE Vulnerabilities in FortiNAC and FortiWeb

On Thursday, February 16, 2023, Fortinet patched two critical unauthenticated remote code execution vulnerabilities, one impacting FortiNAC (CVE-2022-39952) and one impacting FortiWeb (CVE-2021-42756). Both vulnerabilities were discovered by Fortinet’s Product Security team.

Arctic Wolf Survey of Australia and New Zealand Reveals Regional Cybersecurity Perspectives

Last year cyber threats were at the forefront of many business leaders' minds. Not only did the Australian Cyber Security Centre (ACSC) receive over 76,000 cybercrime reports, an increase of 13 percent from the previous financial year, but major cybersecurity incidents at Optus, Medibank, and others also made cybersecurity a top-of-mind issue for many in Australia and New Zealand.