Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

archTIS

Embracing Zero Trust: Lessons from Australia's Defence Supply Chain Data Breach

Nov 11, 2025 By Gerard Foley In archTIS
Earlier this week, The Australian broke the news that the Cyber Touhan hacking group stole classified plans for Australia’s new infantry fighting vehicles, a $7B AUD procurement program, in a massive cyber-attack targeting 17 Israeli defence contractors in the supply chain. The attack was carried out by targeting a downstream supplier, MAYA Technologies, exploiting vulnerabilities in their network and peripherals to gain access to sensitive data.
Read Post
teleport

Investigate Amazon EKS Audit Logs with Teleport Identity Security

Nov 11, 2025 By Ben Arent In Teleport
In Teleport 18, we’ve added official support to import Amazon EKS Audit Logs into Teleport Identity Security. This capability allows teams to have visibility into actions performed on Amazon EKS clusters when those actions were not executed via Teleport. Amazon EKS Audit Logs in Teleport Identity Security will be generally available in Teleport 18.3, coming November 2025. Your browser does not support the video tag.
Read Post
nightfall

When Collaboration Tools Become Exfiltration Channels: What the Palantir Case Reveals

Nov 11, 2025 By Anant Mahajan In Nightfall
Last week, Palantir filed a lawsuit in Manhattan federal court alleging that two former senior engineers used Slack to transfer confidential documents - including healthcare demonstration frameworks, revenue cycle diagrams, and customer deployment plans - the day after one of them gave notice. The documents were allegedly accessed later on a personal phone. The engineers had since joined Percepta, a competing AI startup backed by General Catalyst that emerged from stealth mode in October.
Read Post
indusface

SessionReaper (CVE-2025-54236): Impact, Detection, and Mitigation

Nov 11, 2025 By Deepak Kumar Choudhary In Indusface
SessionReaper (CVE-2025-54236), an unauthenticated vulnerability in the Commerce REST API enables session takeover and possible RCE. If you run Adobe Commerce or Magento Open Source, this critical, pre-auth vulnerabilities can let attackers hijack customer accounts, manipulate orders, and in many real-world setups drop persistent PHP web shells on your servers.
Read Post
WatchGuard

The Efficiency Shift: Endpoint Efficiency Over Alert Volume

Nov 11, 2025 By Iratxe Vazquez In WatchGuard
For years, the cybersecurity industry has celebrated “more detections” as proof of effectiveness. Dashboards filled with alerts were seen as signs of vigilance and control. But in practice, the opposite is true: too many alerts create noise, fatigue, and blind spots that delay real responses. When analysts are buried under a flood of low-value detections, the attacker always moves faster.
Read Post
Arctic Wolf

CVE-2025-42890: Hard-Coded Credentials in SAP SQL Anywhere Monitor (Non-GUI)

Nov 11, 2025 By Julian Tuin In Arctic Wolf
On November 11, 2025, SAP published a security advisory as part of their November security patches, addressing a maximum severity vulnerability identified as CVE-2025-42890 in SQL Anywhere Monitor (Non-GUI) version 17.0. The vulnerability involves hard-coded credentials, which exposes system resources to unauthorized users and allows threat actors to execute arbitrary code without authentication.
Read Post
Arctic Wolf

The Unmeasurable is Unmanageable: Why Cyber Resilience Takes Center Stage for Businesses

Nov 11, 2025 By Dan Larson In Arctic Wolf
The World Economic Forum (WEF) recently published an article on cyber resilience that resonates with conversations we have daily at Arctic Wolf. Their central argument — that organizations need to move beyond basic prevention toward comprehensive, measurable resilience — reflects what we’re hearing from business leaders across industries.
Read Post
Arctic Wolf

What's Behind The Rise of Spear Phishing Attacks on IT Leaders?

Nov 11, 2025 By Arctic Wolf In Arctic Wolf
Phishing has been a mainstay of cybercrime for decades – and for good reason. Threat actors continually evolve their phishing tactics, techniques, and procedures (TTPs), adapting the method with new tools and technologies to ensure it remains highly effective. IT leaders have become especially attractive targets: their privileged access amplifies the impact of a successful compromise.
Read Post
certkit

Certificate revocation is broken but we pretend it works

Nov 11, 2025 By Todd H. Gardner In CertKit
Last week, someone commented on my post about 47-day certificates: This perfectly captures our collective delusion that SSL certificate revocation works. You click a button, the certificate stops working. And why wouldn’t we believe that? Every CA has a big “Revoke Certificate” button right there in the dashboard. It must do something, right? Here’s the dirty truth: most revoked certificates keep working.
Read Post
Seven Bibliography Mistakes SparkDoc Catches, Plus How to Keep Them Out of Your Drafts

Seven Bibliography Mistakes SparkDoc Catches, Plus How to Keep Them Out of Your Drafts

Nov 11, 2025 By SecuritySenses In SecuritySenses
Good writing can wobble at the finish line when the references go wrong. Reviewers notice. Teachers notice. Readers who care about sources notice first of all. Bibliography mistakes do not only weaken credibility, they slow down the whole process because every small error leads to another round of checking. This guide looks at the errors that appear again and again, plus how an AI-aware workflow reduces them without turning the page into a sales pitch. The goal is a clean, verifiable bibliography that supports the argument rather than distracts from it.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.