Latest News

The Inevitable Threat: AI-Generated Email Attacks Delivered to Mailboxes

Generative AI exploded in popularity not too long ago, but its influence on text and media creation is already undeniable. AI content is becoming ubiquitous on the internet, and this technology is slowly seeping into real life, impacting sectors such as healthcare, finance, agriculture, and education. In a previous blog post, we discussed the rise of malicious AI chatbots and how they can be leveraged in cyberattacks. Now, we are seeing this potentially AI-written spam being distributed via email.

How to Get Started with Red Teaming - Expert Tips

During my time delivering red team engagements over the last few years, I've had the luxury of working with organisations who’re just starting out with their red teaming approaches, all the way up to battling hardened and heavily monitored networks. In this experience, I’ve found that one of the key areas that makes or breaks a successful operation is the scoping, sizing and planning of an engagement. It can often be daunting to explore more threat-led and realistic testing approaches.

Why PCI 4.0 Matters: A Deep Dive into Its Importance

The Payment Card Industry Data Security Standard (PCI DSS) is a crucial security standard for protecting personal data during credit card transactions — and managing PCI compliance is essential for businesses that handle such data. The latest PCI DSS standard, Version 4.0, goes into effect March 2024. Organizations will need to adapt to new requirements and maintain compliance to safeguard sensitive information.

Cross-Mapping and GRC Compliance

As businesses grow, they encounter more regulatory requirements — and soon enough, those requirements can feel like a straitjacket of overlapping obligations. The way to wriggle free from that straitjacket is to develop strong governance, risk, and compliance (GRC) capabilities. One important GRC capability is control mapping: mapping various regulatory requirements to specific controls your business does (or does not yet) have, so that you can see where you need to introduce new controls.

Celebrating Cybersecurity Excellence: Forbes Most Cybersecure Banks, 2024

To recognize best-in-class consumer financial institutions and their Chief Information Security Officers (CISOs), Forbes just released its 2024 list of the top 50 consumer banks with the most robust cybersecurity. Together with Forbes, we are proud to recognize top CISOs and their dedication to safeguarding customer data.

What is an Incident Response?

After a bank heist, the work begins: specialized teams and plans are engaged to analyze the event, and from this analysis the bank can prepare a response to the incident. The incident response may include stricter entry protocols, additional guards inside or around the building, or the installation of metal detectors, ID scanners, and panes of bulletproof glass surrounding the tellers.

Elevating Security Intelligence with Splunk UBA's Machine Learning Models

One of the most challenging aspects of running an effective Security Operations Center (SOC) is how to account for the high volume of notable events that do not actually present a risk to the business. These events often include common occurrences like users forgetting their passwords a ridiculous number of times or accessing systems at odd hours for valid reasons. Despite their benign nature, the volume of such potential threats may often overwhelm limited staff.

Mend.io Launches Mend Container

While cloud-native development brilliantly solves problems related to scalability and effective resource use, a more complex architecture and new security challenges come along for the ride as well. The added layer of abstraction of container architecture can make tracking down vulnerabilities and poorly stored secrets, assessing true risk, and enforcing policies difficult for security teams using only traditional AppSec tools.

The cubicle culprits: how in-office employees are leading the charge in corporate data exfiltration

In the wake of evolving work arrangements, the spotlight often falls on remote and hybrid employees as potential threats to data security. Yet, our latest research uncovers a surprising twist in the narrative. It’s the in-office employees, traditionally considered the safest bet, who are now leading the charge in corporate data exfiltration.

Mahjong Titans: Understanding Its Popularity and Appeal

Ever asked yourself how some games manage to remain popular for decades and appeal to people of different ages because of their charisma and level of difficulty? Mahjong Titans is one of those games that can be seen even in the digital space today, and it still manages to captivate and amuse people. It contains elements of strategy, requires agility, and depends on fortune, all of which explain why it is so interesting and popular. However, what is it about Mahjong Titans that makes so many people love it?