Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

tripwire

Protect Your Organization by Cultivating a Culture of Cybersecurity Awareness

Dec 28, 2021 By Tripwire Guest Authors In Tripwire

The cybersecurity market offers excellent solutions and services to combat the threats that are exploited by cybercriminals. However, are these tools enough to fully protect an organization? It is clear that human error is a strong attack vector for many popular cybercrimes, so the best way to augment any security program is to create a cyber-aware workforce. After all, with the correct training and education, the front-line staff can become one of the most effective allies in preventing an attack.

Read Post
jfrog

Log4j Detection with JFrog OSS Scanning Tools

Dec 28, 2021 By Ilya Khivrich In JFrog

The discovery of the Log4Shell vulnerability in the ubiquitous Apache Log4j package is a singular event in terms of both its impact and severity. Over 1 million attack attempts exploiting the Log4Shell vulnerability were detected within days after it was exposed, and it may take years before we see its full impact.

Read Post
coralogix

How to Detect Log4Shell Events Using Coralogix

Dec 28, 2021 By Yuval Khalifa In Coralogix

The Log4J library is one of the most widely-used logging libraries for Java code. On the 24th of November 2021, Alibaba’s Cloud Security Team found a vulnerability in the Log4J, also known as log4shell, framework that provides attackers with a simple way to run arbitrary code on any machine that uses a vulnerable version of the Log4J. This vulnerability was publicly disclosed on the 9th of December 2021.

Read Post
SecurityScorecard

Malvertising: The enemy of shoppers everywhere

Dec 27, 2021 By SecurityScorecard In SecurityScorecard

You’ve seen suspicious ads. Some were obvious — ads that claim your browser is infected with malware and you need to click immediately to remedy the situation — but likely, some weren’t obvious at all. They just looked like regular ads, and might have appeared on a site you trust. You didn’t know it (and hopefully didn’t click) but some of the ads you see regularly are malvertising.

Read Post
mend

Fixing the Log4j Vulnerability with WhiteSource

Dec 27, 2021 By Rhys Arkins In Mend

The announcement of Log4j vulnerability cve-2021-44228 sent security and development teams into a tailspin and highlights the one of biggest challenges of open source security: dependency management. The open source libraries that make up up to 80% of our applications are often a tangled web of dependencies.

Read Post

How To: Mitigate Log4j Vulnerabilities with the Forescout Platform

Dec 27, 2021 By Forescout In Forescout
Learn how to detect vulnerable managed assets with eyeSight and potentially exploited endpoints with eyeInspect. To download the latest Security Policy Templates, login to the Customer Support Portal. For the latest IOC / Industrial Threat Library - Please log into the Forescout OT/ICS portal.
View Video

Sensitive Data: What is it, and why you should never share it.

Dec 27, 2021 By Cyphere In Cyphere
What is sensitive data? Sensitive data can be any type of information that you may not want to share. The scope of what falls into this category is vast, but includes things like your name, address, phone number and social security number. Watch this video for more on the different types of sensitive data and why you should never share it!
View Video

MFA everything!

Dec 27, 2021 By Teleport In Teleport
This session will discuss what MFA is, why it is critical to use it for all access, and strategies for implementing MFA across an organization. This presentation will also include a brief demo showing how open source software can be used to help enforce MFA when accessing servers, databases, web applications, and Kubernetes clusters. Speaker: Jonathon Canada.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.