Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

manageengine

Efficiently uncover network device threats and ensure a safer IT environment

Dec 6, 2022 By Vulnerability Manager Plus In ManageEngine

According to a study by Microsoft, more than 80% of enterprises have experienced at least one firmware attack in the past three years. Is your enterprise’s security posture secure? Does your security software manage and defend all your endpoints from vulnerabilities?

Read Post

The 443 Episode 220 - Hacking Hyundai

Dec 6, 2022 By WatchGuard In WatchGuard
On this week's episode, we cover the latest in car hacking, this time involving a vulnerability that could have given remote attackers full control over certain Hyundai models' doors, lights and engine. After that, we discuss the latest breach impacting a major password management app and how it's different from previous ones we've seen. We end with a discussion on the latest 'custom security solution' vendor selling spyware tools for profit.
View Video
alienvault

Employee onboarding needs to be engaging - But how can security be preserved?

Dec 6, 2022 By Karoline Gore In AT&T Cybersecurity

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. The tech professional labor market is an extremely competitive and difficult place right now. The stakes are so high that CNBC has highlighted certain companies that are offering paid vacations before new hires even begin the job.

Read Post
Forescout

What Project Memoria Foretold about TCP/IP Security and Supply Chain Vulnerabilities

Dec 6, 2022 By Vedere Labs In Forescout

Project Memoria was the largest study about the security of TCP/IP stacks, conducted by Vedere Labs and partners in the cybersecurity industry. It started from a collaboration with JSOF to understand the impact of Ripple20 and led to the discovery of almost 100 vulnerabilities in 14 TCP/IP stacks, divided into five phases: AMNESIA:33, NUMBER:JACK, NAME:WRECK, INFRA:HALT and NUCLEUS:13.

Read Post
idcentral

UIDAI says Aadhaar Verification required before accepting as proof of identity

Dec 6, 2022 By Sumanth Kumar In IDcentral

The Unique Identification Authority of India (UIDAI), which issues Aadhaar cards, has advised states and organizations to verify a person’s Aadhaar number before accepting it as proof of identity in physical or online platforms. The UIDAI has proposed the move to prevent Aadhaar misuse and to verify the authenticity of the individual’s ID verification evidence in any form (Aadhaar Card, PAN card, Driver’s license, Voter ID).

Read Post
ThreatQuotient

Looking under the hood at ROI calculations for Security Automation

Dec 6, 2022 By Emily Jacob In ThreatQuotient

Threat actors continue to work faster and show greater sophistication in their tactics, techniques, and procedures (TTPs). Meanwhile, organizations struggle to keep pace because they are strapped by the persistent shortage of skilled cybersecurity professionals which, exacerbated by the pandemic, grew by 26.2% over the past year.

Read Post
mend

A Busy Weekend for npm Attacks, Including 'cors' Typosquatting

Dec 6, 2022 By Tamir Ben Ari In Mend

‘Tis the season for a busy weekend of software supply chain attacks. Over the past three days, the Mend research team identified two separate attacks that published malicious packages to npm. Mend Supply Chain Defender quickly identified the malicious code; the owners were notified, and the packages were removed. That does not fully remove the risk, however. The first package has 9.5 million downloads, while account CI keys were compromised in the second, which can cause significant damage.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.