Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

To the Point: Journey to the secure cloud through StateRAMP (Part II)

Aug 15, 2024 By Tanium In Tanium
Join us for part two of Tanium Public Sector’s first episode of our To the Point government thought leadership interview series as we continue our dialogue with Leah McGrath, executive director of StateRAMP, as she delves into best practices for standardization, continuous monitoring and more.
View Video
Snyk

The journey to AppSec gold: Lessons we can learn from the Olympians

Aug 15, 2024 By Krysta Williams-Timm In Snyk
The 2024 Olympics are in full swing, and everyone at Snyk is excited to tune into the games and cheer on our respective countries’ athletes. There’s a lot to love about the Olympics — dazzling opening ceremonies, heart-racing feats, close-call victories, and so much more. But along with all the fun and excitement comes a sense of inspiration.
Read Post

To the Point: Journey to the secure cloud through StateRAMP (Part I)

Aug 15, 2024 By Tanium In Tanium
Join us for part one of Tanium Public Sector’s first episode of our To the Point government thought leadership interview series as we sit down with Leah McGrath, executive director of StateRAMP, to discuss how the nonprofit helps governments and cloud and security service providers achieve and maintain security compliance.
View Video
cato networks

Cato CTRL Threat Brief: CVE-2024-38077 - Windows Remote Desktop Licensing Service RCE Vulnerability ("MadLicense")

Aug 15, 2024 By Vadim Freger In Cato Networks
Recently, CrowSec security researchers published a proof of concept (PoC) for a critical remote code execution (RCE) vulnerability in Windows Server (CVSS score 9.8), ranging all the way from Windows Server 2000 up to 2025. The vulnerable component is the Remote Desktop Licensing service, often deployed and enabled on Windows Servers using Remote Desktop Services. The exploit is a 0-click pre-auth exploitation, meaning no user interaction or authentication details are necessary.
Read Post
Trustwave

Trustwave Rapid Response: Mitigate Windows TCP/IP RCE Vulnerability (CVE-2024-38063)

Aug 15, 2024 By Trustwave In Trustwave
Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution (RCE) vulnerability that impacts all Windows systems utilizing IPv6. To conduct this attack, threat actors can repeatedly send IPv6 packets that include specially crafted packets. By doing this, an unauthenticated attacker could exploit this vulnerability, leading to remote code execution. Systems that have IPv6 disabled are not susceptible to this vulnerability.
Read Post
centripetal

The EU AI Act: Ensuring Cybersecurity and Trustworthiness in High-Risk AI Systems

Aug 15, 2024 By Rebecca Lindley In Centripetal
Artificial Intelligence (AI) has come a long way since John McCarthy first coined the term in 1955. Today, as AI technologies become deeply embedded in our daily lives, the potential they hold is immense – but so are the risks to safety, privacy, and fundamental human rights. Recognizing these concerns, the European Union (EU) took a proactive step in 2021 by proposing a regulatory framework aimed at governing AI.
Read Post

Building for the Future DevSecOps in the era of AI ML Model Development

Aug 15, 2024 By JFrog In JFrog
Melissa McKay, JFrog Developer Advocate, and Sunil Bemarkar, AWS Sr. Partner Solutions Architect, discuss practical ways to mature your MLOps approach including bringing model use and development into your existing secure software supply chain and development processes. Watch to learn more and get a demo of the JFrog and Amazon SageMaker integration.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.