Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

alienvault

Enhancing Financial Security Through Behavioral Biometrics

Apr 29, 2024 By Devin Morrissey In AT&T Cybersecurity
The evolution of tech necessitates stronger cybersecurity. Financial information is appealing to hackers trying to steal identities and commit fraud. These bad actors are evolving with tech to figure out ways to bypass the increasingly robust cybersecurity measures.
Read Post
trilio

Immutable Backups: Importance, Benefits, and Implementation

Apr 29, 2024 By David Safaii In Trilio
Ransomware, human errors, and disasters are constant threats to your business’s most valuable asset –its data. Traditional backups, while essential, aren’t always enough since ransomware can still infiltrate them. That’s where immutable backups emerge as a crucial layer of protection. They ensure that even if the worst happens, your critical information remains untouched and recoverable.
Read Post
Arctic Wolf

Critical Authentication Bypass Vulnerability in Delinea Secret Server Disclosed Along With PoC

Apr 28, 2024 By Andres Ramos In Arctic Wolf
On April 12, 2024, Delinea issued an advisory to address a critical authentication bypass vulnerability identified in the SOAP API component of its Secret Server product, available in both Cloud and On-Premises solutions. A threat actor could exploit this vulnerability to bypass authentication, gain administrative access, and extract sensitive information.
Read Post
Arctic Wolf

Cisco Duo Third-Party Compromise

Apr 28, 2024 By Andres Ramos In Arctic Wolf
On April 16, 2024, Cisco Duo informed affected customers of a breach involving their SMS and VOIP multi-factor authentication (MFA) service provider. The breach occurred on April 1st due to a phishing attack, allowing unauthorized access to the provider’s systems, including SMS and VoIP MFA message logs for specific Duo accounts between March 1st and March 31st, 2024. Though the threat actor accessed message logs, they did not obtain message content.
Read Post
Featured Post
ThreatQuotient

How threat intelligence can improve vulnerability management outcomes

Apr 27, 2024 By Chris Jacob, Global Vice President, Threat Intelligence Engineers In ThreatQuotient
It might surprise you to know that more than 70 new vulnerabilities are published every day. And despite their risk-reducing value in helping SOC teams address these, vulnerability management solutions have drawbacks. Often, they only provide a snapshot of an organization's vulnerabilities at a point in time. In fact, owing to their nature, vulnerabilities identified today may not exist tomorrow, or they may appear and disappear intermittently. This leaves security teams scrambling to understand not only what the risk is, but how it affects them and where they should start first with any remediation.
Read Post
Spectral

7 Steps to ensure compliance with the CJIS security policy

Apr 27, 2024 By Eyal Katz In Spectral
A high-profile case hangs in the balance. Suddenly, court systems are paralyzed. Evidence is locked away, replaced by a ransom demand. Every law enforcement agency’s nightmare is alarmingly common – 96% of organizations were hit by ransomware in the past year, according to Cisco’s 2023 report. Exposed API keys, forgotten cloud configurations, outdated systems – these seemingly small vulnerabilities are the entry points relentless cybercriminals exploit.
Read Post
securitysenses

Top HIPAA Compliant Fax Services: Ensuring Secure Healthcare Communication

Apr 26, 2024 By SecuritySenses In SecuritySenses
When it comes to transmitting sensitive patient data, faxing must be secure and compliant under HIPAA regulations. But what does a 'hipaa compliant fax' service entail? Without delay, this article gets to the heart of HIPAA fax compliance, detailing the necessary security measures, the severe risks of non-compliance, and how to identify credible fax services that uphold these regulations. Discover the components and benefits of dependable HIPAA compliant fax solutions that protect patient data and uphold the integrity of healthcare providers.
Read Post
manageengine

How to segment DHCP scopes in DDI Central to achieve effective network segmentation

Apr 26, 2024 By DDI Central In ManageEngine
Data breaches have become alarmingly frequent and expensive. In 2022, the average incident incurred a massive cost of $4.35 million and, further compounding the associated costs and impacts, took an average of 243 days to identify and an additional 84 days to contain. This figure is expected to climb even higher as regulatory bodies across the globe tighten data protection laws, escalating the financial and reputational stakes of failing to safeguard sensitive information.
Read Post
jit

When and How to Create a Software Bills of Materials (SBOM)

Apr 26, 2024 By Charlie Klein In Jit
A Software Bill of Materials (SBOM) inventories all of the open source components and other third-party libraries within a codebase. Much like IKEA instructions explain which parts are included in the package for your new furniture, an SBOM describes all of the third party components in your codebase. Most SBOMs contain the following information about the make-up of an application: Security vulnerabilities: a key use case for SBOM is understanding the security risks of third party components.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.