Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

cato networks

Cato CTRL Threat Research: CVE-2023-49559 - gqlparser Directive Overload DoS Vulnerability

Sep 18, 2024 By Vadim Freger In Cato Networks
The Cato CTRL and Cato Application Security Research teams recently discovered CVE-2023-49559, a directive overload Denial of Service (DoS) vulnerability in the gqlparser library, which is a crucial component in the development and running of GraphQL applications. The vulnerability is of medium severity (CVSS score of 5.3). The gqlparser library is an integrated component of the gqlgen Golang GraphQL server, widely used in web applications to handle GraphQL queries.
Read Post
Arctic Wolf

CVE-2024-38812: Critical RCE Vulnerability Fixed in VMware vCenter Server and Cloud Foundation

Sep 18, 2024 By Andres Ramos In Arctic Wolf
On September 17, 2024, Broadcom released fixes for a critical vulnerability impacting VMware vCenter Server and Cloud foundation, tracked as CVE-2024-38812. This vulnerability is a heap-overflow flaw in the implementation of the DCERPC protocol that a remote attacker can use to send specially crafted network packets to vCenter Server, potentially leading to Remote Code Execution (RCE).
Read Post
datatrails

Immutable Ledgers: Recording Time-Sensitive Decisions and Knowledge

Sep 18, 2024 By Steve Lasker In DataTrails
In a time when everything said, whether factual, fake, or AI-created, may be recorded and posted on the internet, it’s more important than ever to ensure that what was recorded accurately represents a point in time. When someone claims you said, “I was Smoking on a flight, watching Star Wars, the best special effects movie of all time,” was that a false claim? Did they include the date and the context?
Read Post
spambrella

Why Every Business Needs an Email Continuity Strategy

Sep 18, 2024 By Spambrella In Spambrella
Email systems are vulnerable to a multitude of risks that can interfere with business operations. It’s impossible to embrace continuity without being fully aware of these risks, what they entail, and the repercussions that may follow. Here are the most common threats that organizations should be prepared for before and after they master BCP: There are many crisis types that can undermine your business continuity unless it’s enhanced with advanced solutions and protocols.
Read Post

Securing Digital Health: Cybersecurity Challenges in Rapid Healthcare Transformation #shorts

Sep 18, 2024 By Rubrik In Rubrik
The healthcare industry, traditionally slow in digital transformation due to stringent regulations, is now experiencing rapid change. As digitization accelerates, vast amounts of personal and professional data are being stored across healthcare systems—making them prime targets for cybercriminals. This sector’s rich data environment, coupled with evolving cybersecurity practices, creates a unique challenge. Unlike the well-established security measures in banking and financial services, healthcare's cyber defenses are still maturing.
View Video
elastic

Elastic named a Leader in IDC MarketScape: Worldwide SIEM for Enterprise 2024

Sep 18, 2024 By Mark Settle In Elastic
Elastic has been recognized as a Leader in the IDC MarketScape for Worldwide SIEM for Enterprise 2024 Vendor Assessment. Elastic Security modernizes threat detection, investigation, and response with AI-driven security analytics — the future of SIEM. It is the tool of choice for SOC teams because it eliminates blind spots, boosts practitioner productivity, and accelerates SecOps workflows.
Read Post
lookout

5 Zero Trust Remote Access Solutions Your IT Team Needs to Know

Sep 18, 2024 By Lookout In Lookout
In the past, organizations could control how, when, and where their employees accessed sensitive data. Now, in the age of hybrid and remote work, employees can connect to company networks from any location over nearly any device. Safeguarding data while granting employees the access they need is a delicate balance. That’s where zero trust remote access solutions come into play.
Read Post
levelblue

Introducing LevelBlue's 24/7 Managed Threat Detection and Response Service for Government

Sep 18, 2024 By Michael Vaughn In LevelBlue
As new threat vectors emerge and cybercriminals leverage sophisticated technologies to orchestrate more targeted attacks, staying ahead of threats is more challenging than ever. We are excited to announce the launch of a new managed security service designed to protect highly regulated data and help ensure critical services are efficiently delivered.
Read Post
Tines

Transforming security operations with Workbench

Sep 18, 2024 By Eoin Hinchy In Tines
Enterprise data consolidation and access have long posed significant challenges in the Security Operations Center (SOC). They often hinder security teams from effectively investigating and taking action on the vast amounts of data they are tasked with protecting. Traditional security tools frequently operate in isolation, lacking the compatibility to create a cohesive data strategy.
Read Post

Introducing Netacea Threat Intel Feeds

Sep 18, 2024 By Netacea In Netacea
This webinar introduces Netacea Threat Intel Feeds—a tool to harden your defenses against automated attacks using real-world threat data. Join James Middleton, Andy Still, and Cyril Noel-Tagoe as they explore how Netacea processes trillions of requests daily, enabling Threat Intel Feeds to identify and stop attack traffic in real-time, so you can squeeze more value out of your existing edge defenses.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.