Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Reveal Your Network's Hidden Weaknesses with KnowBe4's BreachSim Data Exfiltration Simulator

Jul 17, 2024 By KnowBe4 In KnowBe4
As cyber threats evolve, the target has become crystal clear: your data. A staggering 90% of ransomware attacks now include a data exfiltration component. With this in mind, KnowBe4 has introduced a robust free tool, BreachSim, to identify your network's vulnerabilities and shore up your cyber defenses. Financial losses, reputation damage, intellectual property theft, regulatory repercussions and operational disruptions are just a few of the harsh consequences of data exfiltration assaults. KnowBe4 BreachSim can help you nip these risks in the bud.
View Video

Everything to prepare for the 90-day SSL/TLS certificate validity proposal

Jul 17, 2024 By ManageEngine In ManageEngine
In a recent proposal, Google has expressed its intention to reduce the validity of SSL/TLS certificates to 90 days, a reduction from the current validity of 398 days. The move is focused on ensuring faster security updates, improving adoption of newer cryptographic standards, and eliminating the reliance on imperfect revocation systems. While this move promises several security benefits, without a proper certificate life cycle management (CLM) solution in place, enterprises will face operational nightmares when the proposal becomes a mandate. Is your business ready for this change?
View Video
datadog

Detect SSRF attacks in cloud applications and APIs

Jul 17, 2024 By Mallory Mooney In Datadog
APIs can be vulnerable to a wide variety of attacks, such as poor inventory management and access controls, making them a primary target for attackers. Server-side request forgery (SSRF) is one type of attack that has become more prominent with the rising use of public clouds. This is primarily due to new development practices like using Instance Metadata Services (IMDS) to access valuable information about deployed instances, such as credentials.
Read Post
Trustwave

6 Steps on How to Respond to a Data Breach Before it Ruins Your Business

Jul 17, 2024 By Trustwave In Trustwave
Too many consumers have awoken one morning to find messages from a retailer or their bank detailing purchases made through their account of which they were unaware. While the realization that they have been hacked will cause some well-deserved panic for the account holder, it usually only takes a few phone calls to cancel purchases, change a password, and cancel a credit card to put a stop to the problem.
Read Post
knowbe4

New Ransomware Threat Group Calls Attack Victims to Ensure Payments

Jul 17, 2024 By Stu Sjouwerman In KnowBe4
Analysis of new ransomware group Volcano Demon provides a detailed look into how and why calling victims ups the chances of ransomware payment. Security researchers at Halcyon have uncovered a new ransomware threat group that initially follows traditional methods – harvesting admin credentials, data exfiltrated to a C2 server, logs cleared and data was encrypted using LukaLocker. However, Volcano Demon attacks take a different direction in the extortion phase.
Read Post

Introducing Teleport VNet

Jul 17, 2024 By Teleport In Teleport
Simplify Secure Access with Teleport VNet! Discover how Teleport VNet revolutionizes connecting to TCP applications through Teleport. This video guide walks you through: What is VNet and how it works Setting up VNet on macOS using Teleport Connect Connecting to TCP apps seamlessly Using VNet with tsh command-line tool Troubleshooting tips and best practices Learn how VNet automatically proxies connections, enhancing security without compromising ease of use. Perfect for DevOps, sysadmins, and anyone working with remote TCP applications.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.