Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

upguard

What is Cyber Supply Chain Risk Management?

Oct 31, 2024 By Edward Kost In UpGuard
Cyber supply chain risk management (C-SCRM) is the process of identifying, assessing, and mitigating cybersecurity risks associated with an organization’s supply chain. Supply chains comprise multiple attack vectors, ranging from procurement tools to suppliers, developers, and third-party services. The complexity of this attack surface warrants a risk management strategy focused on supply chain risks as an extension to an existing third-party risk management program.
Read Post
veriato

Beyond UEBA: Elevating Insider Risk Management with Behavioral Intelligence

Oct 30, 2024 By Veriato Team In Veriato
Insider risk management is more critical than ever as human error and insider threats drive escalating security breaches. While many organizations have adopted User and Entity Behavior Analytics (UEBA) to monitor potential risks, relying solely on UEBA may fall short of the depth needed to stay ahead of these increasingly complex threats.
Read Post

Why Risk-Based Vulnerability Management (RBVM) Increases Your Security Debt, and How You Can Fix It

Oct 30, 2024 By Nucleus In Nucleus
In this Nucleus webinar, we take a deep dive into the practical challenges and strategies for managing security debt in the context of Risk-Based Vulnerability Management (RBVM). Scott Kuffer, co-founder of Nucleus Security and veteran in vulnerability management, explains how RBVM has shifted from a holistic risk reduction approach to a prioritization-heavy process that often falls short. He discusses why traditional methods lead to excessive security debt and demonstrates how aligning VM processes with product management principles can create more efficient, business-centric remediation.
View Video
securitysenses

Best Practices for Protecting Drone Data in Commercial Applications

Oct 30, 2024 By SecuritySenses In SecuritySenses
Hey there, tech enthusiasts and masters of the skies! With the soaring ascent of drones in commercial applications, it's not just about nailing the perfect aerial shot anymore-it's also about locking down that precious data. Drones are busy bees, collecting loads of info that need protection just as much as any ground-based data trove. We've all heard the horror stories of data breaches resulting in hefty fines and reputational damage. That's why I'm here to guide you through the labyrinth of drone data security, helping your business keep its digital treasures under a virtual lock and key.
Read Post
upguard

Understanding CVE-2024-47176: Mitigating CUPS Vulnerabilities

Oct 29, 2024 By UpGuard Team In UpGuard
The Common UNIX Printing System (CUPS) is a widely used printing system on Unix-like operating systems, but recent vulnerabilities have exposed significant risks. The most critical is CVE-2024-47176, which affects the cups-browsed service by binding to the IP address INADDR_ANY:631. This configuration flaw causes it to trust all incoming packets, leading to potential remote code execution when interacting with malicious printers. This vulnerability is part of a chain of exploits, including.
Read Post
SecurityScorecard

Inside a North Korean Phishing Operation Targeting DevOps Employees

Oct 29, 2024 By SecurityScorecard In SecurityScorecard
Sophisticated threat actors are increasingly targeting organizations with tailored phishing campaigns. Recently, SecurityScorecard detected a similar attempt against our team—and stopped it in its tracks. We’re sharing our findings to support the InfoSec community and strengthen collective defenses against continually evolving threats.
Read Post
SecurityScorecard

The Job Offer That Wasn't: How We Stopped an Espionage Plot

Oct 29, 2024 By SecurityScorecard In SecurityScorecard
In cybersecurity, transparency matters—because none of us are immune. Increasingly, we’re seeing threat actors hone in on specific organizations. When we detected the recent “Contagious Interview” campaign targeting one of our own, our team acted fast to stop it in its tracks. We’re sharing this story so others can see how easily these attacks unfold—and how quickly they need to be stopped to protect the community.
Read Post
securitysenses

Cost of Ignoring Data Replication: Risks for Modern Businesses

Oct 28, 2024 By SecuritySenses In SecuritySenses
Data replication allows businesses to operate efficiently. The process involves copying data files across multiple systems or locations. At its core, replication prevents downtime and ensures data is synchronized in case of accidental deletion. However, this move could expose your business to risks like data inconsistencies, data loss, limited scalability, and compliance issues. This article will discuss the cost of ignoring data replication for modern businesses.
Read Post
Razorthorn

Unlocking the Potential of GRC Tools: A Path to Strategic Risk Management

Oct 25, 2024 By Razorthorn In Razorthorn
By James Rees, MD, Razorthorn Security In today’s complex cybersecurity landscape, Governance, Risk and Compliance (GRC) tools have become essential for organisations managing intricate security ecosystems. These tools are designed to centralise information, streamline processes and offer crucial insights into an organisation’s risk posture. However, as cybersecurity expert Jack Jones revealed when he joined me on a recent podcast, the reality often falls short of these ambitious claims.
Read Post

Introducing the Risk Management Dashboard

Oct 25, 2024 By Keeper In Keeper
The Keeper Risk Management Dashboard is a powerful feature of the Keeper Admin Console that provides comprehensive security posture information covering end-user deployment, utilization, cloud configuration, and event monitoring. This critical data helps administrators ensure that risks are remediated and compliance is enforced effectively.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.