Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

redscan

New Kroll report reveals evolving use of insider threat and phishing techniques

Jun 18, 2024 By Mark Nicholls In Redscan
In Q1 2024, Kroll observed SMS and voice-based tactics being used in phishing attacks, raising concern around the potential for deep fakes and AI technologies to further enhance the effectiveness of phishing attacks. Linked to this, one insider threat case investigated by Kroll in Q1 saw employee impersonation take place, another area in which AI-related technology could be especially impactful.
Read Post
foresiet

Beyond Detection: The Rise of Legitimate Software Abuse in Malware Attacks

Jun 18, 2024 By Foresiet In Foresiet
Cybersecurity researchers have identified an increasing trend where threat actors are abusing legitimate and commercially available packer software, such as BoxedApp, to evade detection and distribute malware, including remote access trojans and information stealers. Targeted Industries and Geographical Spread According to Check Point security researcher Jiri Vinopal, the majority of malicious samples have targeted financial institutions and government sectors.
Read Post
foresiet

The AMD Data Breach: Cyber Threats and Dark Web Activity

Jun 18, 2024 By Foresiet In Foresiet
Recently, our team at Foresiet Threat Intelligence detected a significant data breach affecting AMD, a prominent computing company. This breach, orchestrated by the renowned dark web threat actor IntelBroker. The breach, uncovered by the Foresight Threat Intelligence Team, revealed a vast array of compromised data, including details on future products, spec sheets, employee and customer databases, property files, ROMs, source code, firmware, and financial records. The Dark Web Connection.
Read Post
CalCom

Default Permissions in SQL Server Public Role - permission not granted

Jun 18, 2024 By Ben Balkin In CalCom
In an SQL Server, roles act like security groups that control what users can do within the database environment. The roles designate the access groups determining who can access specific databases and what they can do with the data within those databases. The public role is a special database role that everyone is assigned by default when they become a member of a database. By default, the public role has very limited permissions, often no permissions at all.
Read Post
keeper

Passkeys vs Two-Factor Authentication (2FA): What's the Difference?

Jun 18, 2024 By Keeper In Keeper
The main difference between passkeys and 2FA is that passkeys completely remove the need for individuals to enter a password, whereas 2FA enhances the security of an account by requiring an additional method of authentication in addition to a traditional username and password. Continue reading to learn more about the differences and similarities between passkeys and 2FA, and which is more secure.
Read Post
graylog

Never Miss a Critical Alert: Graylog 6.0 Elevates Security Alerting with Pushover Integration

Jun 18, 2024 By Ethan C. Keaton In Graylog
Responding rapidly to cyber threats is a make-or-break capability in today’s high-stakes security environment. A missed alert can quickly escalate a minor incident into a major crisis, jeopardizing your organization’s critical assets and hard-earned reputation. A recent IBM study revealed that companies took an average of 237 days to identify a data breach in 2021 — an inexcusable delay that could invite catastrophic consequences. (Source: IBM Cost of a Data Breach Report 2022)
Read Post
knowbe4

The Overlooked Truth: User Experience in Cybersecurity

Jun 18, 2024 By Javvad Malik In KnowBe4
We live in a world where the term "cybersecurity" tends to make folks either shiver with anxiety or yawn with boredom. The narrative has always been about hacking, phishing, and all sorts of digital skullduggery. However, the overlooked truth is that users don't adopt best security practices because they’re designed without the slightest nod to the user experience.
Read Post
WatchGuard

What is Glupteba and how can you protect your customers from this malware?

Jun 18, 2024 By Carlos Arnal In WatchGuard
Over time, cybercriminals find ways to exploit new cybersecurity breaches, leading to the creation of malware that compromises users' security. Every year, one or more malware variants stand out as new, evasive, or dangerous. According to our Internet Security Report (ISR), last year it was Glupteba.
Read Post
lookout

7 Top Mobile Security Threats: Safeguard Your Device

Jun 18, 2024 By Lookout In Lookout
Mobile devices have made it possible for employees to work and communicate from just about anywhere. But that convenience comes at a price. The rise of mobile devices and the rise of mobile security threats have gone hand-in-hand. Mobile devices like phones, tablets, and ChromeOS devices present an incredible vector for phishing, social engineering, and malware distribution—and threat actors are keenly aware of that fact.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.