Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

cycognito

Emerging Threat: Windows LDAP CVE-2024-49113

Jan 8, 2025 By Emma Zaballos In CyCognito
CVE-2024-49113, also known as LDAPNightmare, is a high severity (CVSS score of 7.5) unauthenticated Denial of Service (DoS) vulnerability in Windows Lightweight Directory Access Protocol (LDAP). This vulnerability allows attackers to crash any unpatched Windows server with an internet-accessible DNS server by overwhelming a critical internal component of the operating system. Both CVE-2024-49113 and its relative, the critical RCE vulnerability CVE-2024-49112, were publicized in December 2024.
Read Post
WatchGuard

WatchGuard Acquires ActZero to Accelerate Delivery of 24/7 MDR Services

Jan 8, 2025 By The Editor In WatchGuard
WatchGuard acquired ActZero, a leading provider of MDR services with proactive, rapid and automated threat response and cross-platform AI-driven threat analysis designed to outpace threats at machine speed. This move further expands and matures WatchGuard’s innovative 24/7 MDR service and was signed and closed on December 17, 2024.
Read Post
bitsight

Web Application Security for DevOps: Cross-Origin Resource Sharing (CORS) and Subresource Integrity (SRI)

Jan 8, 2025 By Chris Poulin In BitSight
With all of that background from parts 1, 2, and 3 of this series out of the way, let's turn to some practical considerations for real-world web applications. The inherent security restrictions for resources, including cookies and JavaScript, assume that each website contains all of its functionality in one neat, isolated package. But websites often contain content and functionality from multiple websites that trust each other.
Read Post

How to build a cyber risk program that will lock hackers out

Jan 8, 2025 By One Identity In One Identity
Rob Kraczek, One Identity Global Strategist, explores how organizations can avoid becoming part of the 90% of organizations that are victims of cyberattacks by developing a cyber risk program. Most hackers look for the easiest and most effective way to hack your environment. In this video, Kraczek shares why every organization needs robust identity governance and administration (IGA), the core component of a cyber risk program, to prevent cyberattacks. Learn more about Risk in the World of Identity Governance.
View Video
obrela

The Future of Cybersecurity: Insights and Predictions for 2025

Jan 8, 2025 By Notis Iliopoulos In Obrela
2024 marked a transformative shift in cybersecurity with AI and data driven cyber security leading the change. As the threat landscape evolves, the stage is set for further advancements in continuous risk management, threat monitoring, resilience, and governance in 2025, shaping a more secure and dynamic digital landscape where cybersecurity is becoming a catalyst for business success and compliance.
Read Post
Arctic Wolf

Understanding Indicators of Compromise and Their Role in Cybersecurity

Jan 8, 2025 By Arctic Wolf In Arctic Wolf
Through a known vulnerability, a threat actor gains access to an organization and begins to alter the network activity, running unusual enumeration commands. Then the threat actor uses stolen credentials to log into various applications within said network. The cybersecurity monitoring solution at work, in this case Arctic Wolf Managed Detection and Response, subsequently picks up an IP address associated with Finland connecting to the network.
Read Post
securitysenses

Securing the Modern Office: Strategies for a Safe and Productive Workspace

Jan 8, 2025 By SecuritySenses In SecuritySenses
The modern office is a hub of collaboration, innovation, and productivity, but it's also a potential target for various security threats. As businesses embrace hybrid work models, advanced technology, and flexible office designs, the need for comprehensive security measures has never been greater. Securing the workplace is no longer just about physical locks and surveillance cameras; it requires a holistic approach that combines physical, digital, and human factors to create a safe and productive environment.
Read Post
securitysenses

Securing the Internet of Things: Protecting IoT Devices in the Modern Office

Jan 8, 2025 By SecuritySenses In SecuritySenses
The Internet of Things (IoT) has revolutionized how modern offices operate, introducing unprecedented levels of connectivity and efficiency. From smart thermostats to security cameras, IoT devices are now integral to daily office functions. However, this increased connectivity also comes with heightened security risks. Cybercriminals can exploit vulnerabilities in IoT devices to gain access to sensitive networks, making them a prime target in the digital security landscape.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.