Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

foresiet

Infosys McCamish Systems Ransomware Attack: Over Six Million Customers' Data Compromised

Jul 2, 2024 By Foresiet In Foresiet
A significant ransomware attack on Infosys McCamish Systems, an outsourcing service provider for financial and insurance companies, has impacted over six million customers. The breach, which took place in late 2023, was only recently disclosed in a filing with the Maine Office of the Attorney General (OAG). This incident underscores the importance of robust cybersecurity measures such as stolen credentials detection, darknet monitoring services, and digital footprint analysis.
Read Post
nightfall

Nightfall Named A Leader in Data Loss Prevention (DLP) by G2

Jul 2, 2024 By The Nightfall Team In Nightfall
Nightfall has been named a Leader in Data Loss Prevention (DLP), Sensitive Data Discovery, Data Security, and Cloud Data Security in G2’s Summer ‘24 reports. We’d like to extend a huge thank you to all of Nightfall’s customers and supporters for making this possible. We’re also happy to acknowledge the Nightfall team’s tireless innovation, all in pursuit of helping customers to protect their sensitive data across the sprawling enterprise attack surface.
Read Post
splunk

regreSSHion: Uncovering CVE-2024-6387 in OpenSSH - A Critical Vulnerability

Jul 2, 2024 By Splunk Threat Research Team In Splunk
OpenSSH, an application installed by default on nearly every Unix-like and Linux system, has recently come under scrutiny due to a critical vulnerability discovered by Qualys. Designated as CVE-2024-6387 and aptly named "regreSSHion," this flaw exposes Linux environments to remote unauthenticated code execution. The implications of this vulnerability are far-reaching, potentially affecting countless servers and infrastructure components across the globe.
Read Post
the cyber helpline

Mary Calam Joins The Cyber Helpline as Trustee

Jul 2, 2024 By The Cyber Helpline In The Cyber Helpline
Mary had a long career in the UK government, working in senior roles in a range of agencies across counter terrorism, national security and law enforcement, including the Independent Police Complaints Commission and the Serious Organised Crime Agency. Her last executive role was as Director General for Crime, Policing and Fire in the Home Office.
Read Post

The 443 Podcast - Episode 296 - OpenSSH regreSSHion Vulnerability

Jul 2, 2024 By WatchGuard In WatchGuard
This week on the podcast, we cover OpenSSH's recent critical vulnerability and what it means for systems administrators. Before that, we discuss the CDK Global ransomware attack impacting car dealerships across the us, a Korean internet service provider delivering malware to their customers, and a takeover of a popular JavaScript library gone hostile. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
View Video
Corelight

Detecting The Agent Tesla Malware Family

Jul 2, 2024 By Keith J. Jones In Corelight
Welcome to the latest from Corelight Labs! This blog continues our tradition of picking a popular malware family from Any.Run and writing a detector for it! Trending consistently at #1 on Any.Run’s malware trends list, Agent Tesla uses multiple protocols to communicate with its C2 infrastructure, making it more difficult to detect robustly than a malware sample utilizing only one network protocol for its C2.
Read Post
ThreatQuotient

Useful questions to navigate the TIP vendor landscape

Jul 2, 2024 By Guest Blog In ThreatQuotient
In today’s escalating threat landscape, Security Operations Center (SOC) teams face a constant cat and mouse battle against adversaries as they try to stay one step ahead. This situation isn’t helped by the fragmented tools; multiple data feeds and data siloes they must contend with. Likewise, with so many security vendors out there with different approaches and solutions, how do they know what cybersecurity solutions they should be investing in?
Read Post
Rubrik

Securing Hypervisor Environments: Rubrik Intends to Extend Support for OpenShift Virtualization and Proxmox VE

Jul 2, 2024 By Justin Ruiz In Rubrik
In today's digital landscape, where data is the lifeblood of any business, securing and protecting hypervisor environments is paramount. Hypervisors, such as OpenShift Virtualization and Proxmox VE, play a critical role in virtualized environments. The threat landscape constantly evolves, with cyberattacks becoming more sophisticated and data breaches rising.
Read Post

Secrets in Plain Sight: Unveiling over 1 million secrets on public websites

Jul 2, 2024 By GitGuardian In GitGuardian
Join us at CodeSecDays for an insightful session with Cybernews researcher Vincentas Baubonis, who will reveal how their team discovered 1,141,004 secrets across 58,364 websites. Learn how exposed environment (.env) files containing passwords, API keys, and email credentials can lead to data breaches and site takeovers. We’ll discuss common leaked secrets like database credentials and AWS keys, and their impact, and share research methodology, ethical considerations, and steps to prevent exposure.
View Video
netskope

How to Navigate Data Security in the GenAI Era

Jul 2, 2024 By Richard Davis In Netskope
Since its mainstream emergence in 2022, generative AI has triggered a seismic shift in data management and security. It is estimated that one in four employees now uses genAI apps daily, often unbeknownst to their employer and IT team. This raises concerns, as genAI is designed with a voracious appetite for consuming both mundane and sensitive data. Effectively securing your data as genAI becomes prevalent is a strategic imperative.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.