Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

upguard

What is Cyber Vendor Risk Management? Cyber VRM Explained

Sep 14, 2022 By Harsh Budholiya In UpGuard

Cyber VRM is the practice of identifying, assessing, and remediating the cybersecurity risks of third-party vendors. This involves combining objective, quantifiable data sources like security ratings and data leak detection with subjective qualitative data sources like security questionnaires and other security evidence to get a complete view of your third-party vendors’ security posture. A Cyber VRM solution facilitates this practice.

Read Post
Pentest People

Web Application Testing in 2022: What You Need to Know

Sep 14, 2022 By Liam Follin In Pentest People

As we move further into 2022, the world of web application testing is changing. We are seeing new challenges and opportunities as businesses become more reliant on online applications. In this blog post, we will discuss the latest trends in web application testing and how you can prepare your business for the future.

Read Post

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Sep 14, 2022 By Snyk In Snyk
Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.
View Video

Lorenz Ransomware Intrusion: Understanding Your Risk

Sep 14, 2022 By Arctic Wolf In Arctic Wolf
The Arctic Wolf Labs team recently investigated a Lorenz ransomware intrusion, which leveraged a Mitel MiVoice VOIP appliance vulnerability (CVE-2022-29499) for initial access and Microsoft’s BitLocker Drive Encryption for data encryption. Lorenz is a ransomware group that has been active since at least February 2021 and like many ransomware groups, performs double-extortion by exfiltrating data before encrypting systems. Over the last quarter, the group has primarily targeted small and medium businesses (SMBs) located in the United States, with outliers in China and Mexico.
View Video
CrowdStrike

CrowdStrike's Annual Threat Hunting Report Reveals One Potential Intrusion Is Identified Every Seven Minutes

Sep 13, 2022 By CrowdStrike In CrowdStrike
Findings from Falcon Overwatch threat hunters showed faster breakout times by eCrime adversaries and one million malicious events were prevented by the CrowdStrike Falcon platform.
Read Post
kroll

Cyber Risk and CFOs: Over-Confidence is Costly

Sep 13, 2022 By Kroll In Kroll

Our CFO cybersecurity survey has shown that Chief Financial Officers are highly confident in their companies’ abilities to ward off cyber security incidents, despite being somewhat unaware of the cyber vulnerabilities their business faces. Almost 87% of the surveyed executives expressed this confidence, yet 61% of them had suffered at least three significant cyber incidents in the previous 18 months.

Read Post
Snyk

Announcing the 2022 State of Cloud Security report from Snyk

Sep 13, 2022 By Megan Moore In Snyk

Cloud computing has created the most profound shift in information technology in recent memory. Leveraging cloud technology, companies can build, deploy, and scale their applications faster than ever. But the adoption of cloud native tools and processes also brings new security challenges. Between complex cloud infrastructure and the expansion of cloud-based services, malicious actors have access to a bigger attack surface than they did even a few years ago.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.