Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Trustwave

Phishing and Ransomware: How Threat Actors Attack the Financial Services Sector

Sep 4, 2024 By Trustwave In Trustwave
Trustwave SpiderLabs is prepped to launch its newest threat intelligence research, the 2024 Trustwave Risk Radar Report: Financial Services Sector. The upcoming report, which is set to be released on September 10, promises to be an indispensable resource for cybersecurity professionals. This comprehensive report not only sheds light on the modus operandi of a dominant ransomware gang but also delves into the persistent use of phishing and brute-force attacks to compromise credentials.
Read Post
jfrog

Revival Hijack - PyPI hijack technique exploited in the wild, puts 22K packages at risk

Sep 4, 2024 By Andrey Polkovnichenko In JFrog
JFrog’s security research team continuously monitors open-source software registries, proactively identifying and addressing potential malware and vulnerability threats to foster a secure and reliable ecosystem for open-source software development and deployment. This blog details a PyPI supply chain attack technique the JFrog research team discovered had been recently exploited in the wild.
Read Post

TCSCD Tanium Certified Specialist Cloud Deployment - Certification Series - Tanium Tech Talks #101

Sep 4, 2024 By Tanium In Tanium
Welcome to this installment of the Tanium certification series. Today's exam covers key knowledge for planning and deploying Tanium in the cloud. We're talking about the TCSCD exam, Tanium Certified Specialist Cloud Deployment. As with other exams in this series, I've invited one of the experts who helped write the exam questions to give us an insider's look at what is covered and to help you prepare.
View Video

Install ggshield On macOS Using Signed .pkg Files

Sep 4, 2024 By GitGuardian In GitGuardian
MacOS users can now opt to install ggshield using our new signed packages. Installing ggshield, the GitGuardian CLI is a very quick process, but traditionally has required use of python's pip or homebrew on a macOS system. With the release of ggshield 1.27.0 we are now proud to offer signed DOT P G K files, making it possible to easily distribute ggshield to your team and leverage the official Mac Installer. Since it is officially signed, once downloaded, it just takes a couple of clicks to get it installed.
View Video
levelblue

Cybersecurity in a Cycle: Balancing Repair and Replacement for Optimal Security

Sep 4, 2024 By Devin Morrissey In LevelBlue
Regularly updating your policies, software, and systems is crucial to your long-term cybersecurity efforts. However, failing to properly plan these updates can undermine your continuity plans and impede your business's productivity and profitability. As a cybersecurity specialist, you can balance repairs and replacements by creating a dynamic, adaptive strategy that accounts for industry trends and responds to emerging threats without causing unnecessary expenses to the company.
Read Post
tripwire

Employee Cybersecurity Awareness Training Strategies for AI-Enhanced Attacks

Sep 4, 2024 By Tripwire Guest Authors In Tripwire
With the adoption of AI in almost every sphere of our lives and its unending advancement, cyberattacks are rapidly increasing. Threat actors with malicious intent use AI tools to create phishing emails and other AI-generated content to bypass traditional security measures. On the bright side, the security capabilities of AI are limitless. AI-enhanced attacks refer to cybersecurity events that use artificial intelligence to compromise individuals' and organizations' safety.
Read Post
elastic

Is your SIEM ready for the AI era? Essential insights and preparations

Sep 4, 2024 By Mark Settle In Elastic
A head-spinning series of acquisitions and mergers is transforming the security information and event management (SIEM) market. Behind this market shakeup is the ongoing technological shift from traditional, manually intensive SIEM solutions to AI-driven security analytics. Legacy systems — characterized by manual processes for log management, investigation, and response — no longer effectively address today’s fast-evolving cyber threats.
Read Post
keeper

Keeper Named Value Leader by EMA for Privileged Access Management

Sep 4, 2024 By Timothy Jester In Keeper
Keeper is cost-effective and easy to deploy – and the industry is taking notice. Keeper Security’s zero-trust Privileged Access Management (PAM) solution, KeeperPAM, has again been recognized as a Value Leader by the IT and data management analyst research and consulting firm Enterprise Management Associates (EMA) in its 2024 PAM Radar Report: Read the Full Report.
Read Post
tripwire

Let's Dance: Securing Access with PIM and PAM to Prevent Breaches

Sep 4, 2024 By Rita Nygren In Tripwire
I know when to log out Know when to log in Get things done In the spirit of David Bowie, let's explore how to navigate the labyrinth of privileged access management without getting "Under Pressure." No one wants to mistype a common command, copy their proprietary data to a public location, or delete their operating system. Having multiple accounts—one for regular activities and specific privileged accounts to do sensitive tasks—ought to focus effort and prevent mistakes.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.