Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Vendor's Survival Guide to Security Questionnaires | TrustTalks Ep 5 | Security and GRC Podcast

Nov 27, 2024 By TrustCloud In TrustCloud
Seeking a solution that streamlines vendor risk management and automates security questionnaires? Imagine a tool that offers a comprehensive portal, securely shares information, uses AI to handle responses, and frees up your evenings. It might sound too good to be true, but with ⁠TrustShare⁠, it’s a reality. Forget the hassle of maintaining a knowledge base or configuring tools meant for RFPs. TrustShare takes care of everything, from AI-driven responses to seamless information sharing, which leads to faster sales cycles.
View Video
knowbe4

75% of Black Friday Spam Emails Are Scams

Nov 27, 2024 By Stu Sjouwerman In KnowBe4
Three out of four Black Friday-themed spam emails are scams, according to researchers at Bitdefender. Most of these scams are targeting users in the US and Europe. “This year, 77% of all Black Friday-themed spam (by volume) analyzed by Bitdefender’s Antispam Lab team was classified as scams, while only 22% was identified as marketing lures—emails designed to drive traffic to legitimate but overly aggressive promotions,” the researchers write.
Read Post
knowbe4

CISA Strongly Recommends Phishing-Resistant MFA

Nov 27, 2024 By Roger Grimes In KnowBe4
We are excited to see the Cybersecurity Infrastructure Security Agency (CISA) and outgoing Director Jen Easterly strongly recommend PHISHING-RESISTANT multi-factor authentication (MFA). The majority of people, including the majority of cybersecurity practitioners, do not know that most MFA…especially the most popular types used today (e.g., one-time passwords, pushed-based, SMS-based, etc.), can be as easily phished or bypassed as the passwords they were intended to replace.
Read Post
knowbe4

Nearly Every Hacker Believes AI Tools Have Created a New Attack Vector

Nov 27, 2024 By Stu Sjouwerman In KnowBe4
A new survey of hackers shows that AI is not only empowering hackers to be more effective, but that AI itself is “ripe for exploitation.” Rarely do we get to ask a hacker “what do you think” when it comes to cyber attacks, cybersecurity efforts, and what they think the future will hold. But Bugcrowd’s 2024 Inside the Mind of a Hacker Report (which surveyed 1300 hackers) hosts a treasure trove of data around how hackers see AI and the value it brings.
Read Post
Trustwave

Why a Zero Trust Architecture Must Include Database Security

Nov 27, 2024 By Trustwave In Trustwave
Whether the means of a cyber-attack are phishing, ransomware, advanced persistent threat, malware, or some combination, the target is ultimately the same: your data. So, as companies seek to implement a zero-trust approach to security, they would do well to include database protection. Interest in Zero Trust is certainly high, with nearly two-thirds (63%) of organizations worldwide having implemented a zero-trust strategy, according to a recent Gartner survey. But it is hardly all-encompassing.
Read Post
Snyk

Why a solid DevOps foundation is vital for effective DevSecOps

Nov 27, 2024 By Ben Desjardins In Snyk
As DevOps adoption has grown, organizations are pushing code into production faster than ever. However, the fast pace of DevOps has led many developers to view security as a bottleneck or afterthought, which means security teams need a new approach to keep up.
Read Post
Trustwave

CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution

Nov 27, 2024 By Pauline Bolaños In Trustwave
On November 20th, 2024, Zero Day Initiative (ZDI) researchers disclosed a critical flaw in 7-Zip. This widely used open-source file archiving software enables remote actors to perform remote code execution (RCE) on vulnerable 7-Zip versions. This vulnerability was originally discovered earlier this year and was reported to 7-Zip in June 2024.
Read Post

[Podcast] ChattinCyber's Unmasking Cyber Threats: The Rise of Spoofing + Phishing with Gideon Hazam

Nov 27, 2024 By Memcyco In Memcyco
Marc Schein is chattin’ with Memcyco's Gideon Hazam in ChattinCyber's latest episode. The conversation provides valuable insights into the challenges posed by spoofing and phishing attacks, the connection between the two, and the need for robust authentication measures to protect against these threats. The discussion highlights the importance of detecting attacks quickly, identifying at-risk users, and implementing effective protection measures to safeguard organizations and their customers.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.