Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Trustwave

Multiple Cross-Site Scripting (XSS) Vulnerabilities in REDCap (CVE-2024-37394, CVE-2024-37395, and CVE-2024-37396)

Jul 30, 2024 By Hamza Hussain In Trustwave
Trustwave SpiderLabs uncovered multiple stored cross-site scripting (XSS) vulnerabilities (CVE-2024-37394, CVE-2024-37395, and CVE-2024-37396) in REDCap (Research Electronic Data Capture), a widely used web application for building and managing online surveys and databases in research environments. These vulnerabilities, if exploited, could allow attackers to execute malicious JavaScript code in victims' browsers, potentially compromising sensitive data.
Read Post

Tines Idea: Simplify Security Alerts with AI in Tines

Jul 30, 2024 By Tines In Tines
From transforming data with a prompt and generated code, to directly accessing and using a language model in your workflows, our AI features make automation even more accessible and efficient for anyone in your organization. Learn how you can take multi-source security alert workflows from 25 actions to 3, reducing the potential for error and making it simpler to make updates like adding sources, change rule definitions, and more.
View Video

Data Modernization: The Evolution of Data Sharing

Jul 30, 2024 By Protegrity In Protegrity
Primitive information sharing has greatly evolved, creating a kaleidoscope of various ways we communicate and share information, both publicly and privately. This change in data ecosystems affects you – data owners responsible for how data is distributed, protected, and accessed hold sensitive data in the palms of their hands. As we continue to evolve, data protection should be in the center of any business strategy, and relying on Snowflake or AWS security plans is not enough. Discover how modernizing your data processes and investing in your data protection changes the way you do business.
View Video
wallarm

CVE-2024-41110: Once Again, Docker Addresses API Vulnerability That Can Bypass Auth Plugins

Jul 30, 2024 By Wallarm In Wallarm
A significant vulnerability (CVE-2024-41110) was recently discovered in Docker Engine version 18.09.1.Although the issue was identified and fixed in 2019, the patch did not apply to other major versions, resulting in regression. The vulnerability was assigned a CVSS score of 10 (critical).
Read Post
nucleus

Operationalize EPSS Scoring to Build Mature and Proactive Vulnerability Management

Jul 30, 2024 By Corey Tomlinson In Nucleus
Cybersecurity teams across all disciplines, including vulnerability management, are challenged to move faster than ever before. Whether it’s responding to a security incident, finding a new vulnerability, or stopping an attack, speed is at a premium.
Read Post
Arctic Wolf

Is Ransomware Malware?

Jul 30, 2024 By Arctic Wolf In Arctic Wolf
Over the past few years, ransomware attack rates and ransom amounts have climbed so significantly that the cyber attack has broken out of the IT and security community to capture headlines around the world. In early May 2021, a suspected Russian hacking group took Colonial Pipeline — which provides 45% of the East Coast’s supply of gasoline, diesel fuel, and jet fuel — offline for more than three days in an attack that made ransomware a household word.
Read Post

DORA and NIS2: How to Ensure Compliance and Enhance Cyber Resilience

Jul 30, 2024 By Rubrik In Rubrik
In this episode of CISO Conversations: EU Data Regulations, Richard Cassidy, EMEA Field CISO at Rubrik is joined by Jack Poller to discuss the key differences between DORA and NIS2, how they can help enhance resilience against cyber threat, and what steps organizations need to take to ensure compliance.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.