Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

New Ransomware Threat Group Calls Attack Victims to Ensure Payments

Jul 17, 2024 By Stu Sjouwerman In KnowBe4
Analysis of new ransomware group Volcano Demon provides a detailed look into how and why calling victims ups the chances of ransomware payment. Security researchers at Halcyon have uncovered a new ransomware threat group that initially follows traditional methods – harvesting admin credentials, data exfiltrated to a C2 server, logs cleared and data was encrypted using LukaLocker. However, Volcano Demon attacks take a different direction in the extortion phase.
Read Post
Trustwave

6 Steps on How to Respond to a Data Breach Before it Ruins Your Business

Jul 17, 2024 By Trustwave In Trustwave
Too many consumers have awoken one morning to find messages from a retailer or their bank detailing purchases made through their account of which they were unaware. While the realization that they have been hacked will cause some well-deserved panic for the account holder, it usually only takes a few phone calls to cancel purchases, change a password, and cancel a credit card to put a stop to the problem.
Read Post
datadog

Detect SSRF attacks in cloud applications and APIs

Jul 17, 2024 By Mallory Mooney In Datadog
APIs can be vulnerable to a wide variety of attacks, such as poor inventory management and access controls, making them a primary target for attackers. Server-side request forgery (SSRF) is one type of attack that has become more prominent with the rising use of public clouds. This is primarily due to new development practices like using Instance Metadata Services (IMDS) to access valuable information about deployed instances, such as credentials.
Read Post

Everything to prepare for the 90-day SSL/TLS certificate validity proposal

Jul 17, 2024 By ManageEngine In ManageEngine
In a recent proposal, Google has expressed its intention to reduce the validity of SSL/TLS certificates to 90 days, a reduction from the current validity of 398 days. The move is focused on ensuring faster security updates, improving adoption of newer cryptographic standards, and eliminating the reliance on imperfect revocation systems. While this move promises several security benefits, without a proper certificate life cycle management (CLM) solution in place, enterprises will face operational nightmares when the proposal becomes a mandate. Is your business ready for this change?
View Video

Reveal Your Network's Hidden Weaknesses with KnowBe4's BreachSim Data Exfiltration Simulator

Jul 17, 2024 By KnowBe4 In KnowBe4
As cyber threats evolve, the target has become crystal clear: your data. A staggering 90% of ransomware attacks now include a data exfiltration component. With this in mind, KnowBe4 has introduced a robust free tool, BreachSim, to identify your network's vulnerabilities and shore up your cyber defenses. Financial losses, reputation damage, intellectual property theft, regulatory repercussions and operational disruptions are just a few of the harsh consequences of data exfiltration assaults. KnowBe4 BreachSim can help you nip these risks in the bud.
View Video
idstrong

What is Hashing and How Does It Work in Cyber Security?

Jul 17, 2024 By Steven In IDStrong
Hashing transforms a key or set of characters into a unique value from the original input, all for cybersecurity data validation and integrity checking. Hashing is a one-way process based on creating a value to associate with a specific data set. Security solutions providers like IDStrong use the highest level of hashing and encryption to protect their users' information. Organizations like IDStrong understand how critical safeguarding their consumer’s credentials is.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.