Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

ionix

Is Gartner Waving 'Bye Bye Bye' to EASM?

Aug 6, 2024 By Marc Gaffan In IONIX
TLDR: The ways that organizations find and fix security exposures have been flawed for years. Traditional vulnerability management (VM) programs have failed to address the core issues. What’s worse, the relatively new category of External Attack Surface Management (EASM) has not solved the problems it aimed to solve. But hope, in the form of Exposure Management, is on the way.
Read Post
netacea

Why Do Credential Stuffing Bots Target Live Streaming Events?

Aug 6, 2024 By Alex McConnell In Netacea
Streaming services are one of the most popular targets for cybercriminals. Using automated bots, attackers steal millions of streaming accounts each month. Adversaries quickly sell these via illegal marketplaces to make massive profits. Although any streaming service is vulnerable to account takeover and credential stuffing attacks, there are additional risks and damages when live event streaming is on offer.
Read Post
sysdig

Supercharge your investigation with Sysdig Sage for CDR

Aug 6, 2024 By ashish chakrabortty In Sysdig
Artificial intelligence has taken over almost every aspect of our everyday lives. In cybersecurity, generative AI models with natural language processing are commonly being used to predict, detect, and respond to threats. But AI security assistants, although an upgrade from traditional machine learning, only provide very basic queries and summarization, which is insufficient to fully comprehend modern cloud attacks. As part of an ongoing effort to improve the cloud detection and response (CDR) experience,
Read Post
knowbe4

AI Tools Have Increased the Sophistication of Social Engineering Attacks

Aug 6, 2024 By Stu Sjouwerman In KnowBe4
The Cyber Security Agency of Singapore (CSA) has warned that threat actors are increasingly using AI to enhance phishing and other social engineering attacks, Channel News Asia reports. The CSA’s report found that cybercriminals are selling tools that automate these attacks, allowing unskilled threat actors to launch sophisticated attacks.
Read Post
knowbe4

New Malvertising Campaign Impersonates Google Authenticator

Aug 6, 2024 By Stu Sjouwerman In KnowBe4
Researchers at Malwarebytes spotted a malvertising campaign that abused Google Ads to target people searching for Google Authenticator. If someone typed “Google Authenticator” into Google, the malicious ad would be at the top of the search results. The ad copied the website description from the real Google Authenticator, but would redirect users to a phishing site. “We can follow what happens when you click on the ad by monitoring web traffic,” the researchers explain.
Read Post
Corelight

Corelight Announces Cloud Enrichment for AWS, GCP, and Azure

Aug 6, 2024 By Todd Morneau In Corelight
This week, I’m excited to announce Cloud Enrichment for AWS, GCP, and Azure. These enhancements are designed to accelerate incident response and unlock threat hunting capabilities by automatically combining the insights of your cloud network with the native control plane data from your cloud service provider.
Read Post

What CISOs Must Consider During a Breach with Amy Bogac, CISO at Elevate Textiles

Aug 6, 2024 By Rubrik In Rubrik
Welcome to the Data Security Decoded podcast, brought to you by Rubrik Zero Labs. Each episode features senior cybersecurity leaders and other luminaries with unique perspectives about the current state of data security. We explore rising trends and themes across cybersecurity and unpack what that means for organizations looking to secure their data and achieve cyber resilience. In this episode, your host, Steve Stone, is joined by Amy Bogac, CISO at Elevate Textiles and a member of the Technical Advisory Board at Radiant Security.
View Video
netwrix

ITDR Essentials: Determining Your Needs and Selecting the Right Solution

Aug 6, 2024 By Ian Andersen In Netwrix
Identity theft is a concern for everyone living in the digital age. By stealing someone’s identity, a criminal can gain access to their credit cards and financial accounts or apply for credit using the victim’s identity. The compromise of your identity can lead to numerous troubling circumstances. Cybercriminals have learned to leverage identity theft to access vast amounts of personal and sensitive information within digital enterprises.
Read Post
tripwire

Hurricane Season Scams: What you need to know

Aug 6, 2024 By Antonio Sanchez In Tripwire
Cybercriminals are notorious for their opportunism. No situation is off limits: whether they exploit conflict and human suffering, blackmail vulnerable individuals by threatening to leak therapy notes, or even bring healthcare organizations to their knees, cybercriminals will stop at nothing to make a quick buck. Hurricane season is a particularly lucrative time of year for cybercriminals.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.