Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Shifting From Reactivity to Proactivity in AppSec with Phil Guimond - Secrets of AppSec Champions

Sep 3, 2024 By Mend In Mend
"In Episode 03 of the SAC | Secrets of AppSec Champions podcast titled ""Compromised: Proactive to Reactive,"" hosts Chris Lindsey and guest Phil Guimond tackle the critical distinctions between proactive and reactive security strategies. They emphasize the importance of access logging and visibility in detecting compromises early, pointing out how changes in access logs can signal potential threats. They stress the necessity of implementing secure, tamper-proof log storage and discuss automation solutions like the ""Have I Been Pwned"" API and CAPTCHA to mitigate risks such as account takeovers.
View Video
foresiet

Verkada Penalized $2.95M by FTC for Security Failures Exposing 150,000 Camera Feeds

Sep 3, 2024 By Foresiet In Foresiet
In a significant development in the cybersecurity domain, the Federal Trade Commission (FTC) has proposed a $2.95 million penalty against security camera vendor Verkada. The penalty stems from multiple security failures that allowed hackers to access live video feeds from 150,000 internet-connected cameras. These breaches exposed sensitive environments, including women's health clinics, psychiatric hospitals, prisons, and schools, highlighting the severe implications of inadequate security measures.
Read Post
foresiet

Critical Vulnerabilities in Microsoft macOS Apps Could Lead to Unrestricted Access for Hackers

Sep 3, 2024 By Foresiet In Foresiet
In a recent cybersecurity development, eight vulnerabilities have been identified in Microsoft applications for macOS. These flaws could potentially allow attackers to gain elevated privileges or access sensitive data by bypassing the operating system’s permissions-based security model. This blog delves into the nature of these vulnerabilities, their potential impact, and the steps that can be taken to mitigate the risks.
Read Post
levelblue

The Human Factor in Cybersecurity: Behavioral Insights and Mitigation Strategies

Sep 3, 2024 By Sam Bocetta In LevelBlue
Whether it's clicking on a malicious link or being duped by social engineering tactics, people can unintentionally open the door to significant security breaches for organizations of all sizes. These mistakes aren’t inevitable or limited to any one role—they can happen to anyone, from top executives to customer service reps—but they are preventable with the right knowledge and constant vigilance in place.
Read Post
bitsight

A look into Web Application Security

Sep 3, 2024 By Pedro Umbelino In BitSight
In today's digital age, web applications are the backbone of many businesses, supporting and managing a vast array of sensitive information, from personal details and financial records to critical business data. When we think about any company that we want to know more about, the most common question is: “what is their website”? But web applications are not just about traditional websites, they encompass far more than just the pages you go to when browsing the Internet.
Read Post
fidelis security

The Role of Deception in Securing Active Directory

Sep 3, 2024 By Paul Girardi In Fidelis Security
90% of businesses around the world use Active Directory as their primary Directory Service. It plays an essential role in the identity and access management of large enterprises. In the past few years, attacks on Active Directory have soared. This is because it is a central platform where all the identities and accesses of employees are hosted, making it the keys to your enterprise.
Read Post
mend

Introducing the Mend AppSec Platform

Sep 3, 2024 By Carol Hildebrand In Mend
According to Dimension Market Research, the global Application Security Market size is projected to “reach USD $9.6 billion by 2024 and is further anticipated to reach USD $47.3 billion by 2033 at a CAGR of 19.4%.” However, companies confront extensive barriers when developing reliable application security programs.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.