Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

Nearly One-Half of IT Pros are Told to Keep Quiet About Security Breaches

Apr 20, 2023 By Stu Sjouwerman In KnowBe4

At a time when cyber attacks are achieving success in varying degrees and IT pros are keeping quiet about resulting breaches, there is one specific type of attack that has them most worried. Despite us all working in IT at a time where the sharing of threat data is at its highest, there is still the notion that organizations don’t want the public finding out about data breaches for fear of the repercussions to the company’s revenue and reputation.

Read Post
knowbe4

OpenAI Transparency Report Highlights How GPT-4 Can be Used to Aid Both Sides of the Cybersecurity Battle

Apr 20, 2023 By Stu Sjouwerman In KnowBe4

The nature of an advanced artificial intelligence (AI) engine such as ChatGPT provides its users with an ability to use and misuse, potentially empowering both security teams and threat actors alike. I’ve previously covered examples of how ChatGPT and other AI engines like it can be used to craft believable business-related phishing emails, malicious code, and more for the threat actor.

Read Post
knowbe4

More Companies with Cyber Insurance Are Hit by Ransomware Than Those Without

Apr 20, 2023 By Stu Sjouwerman In KnowBe4

In an interesting twist, new data hints that organizations with cyber insurance may be relying on it too much, instead of shoring up security to ensure attacks never succeed. Cyber insurance should be seen as an absolute last resort and shouldn’t be seen as a sure thing (in terms of a claim payout).

Read Post
code intelligence

New Vulnerability in MySQL JDBC Driver: RCE and Unauthorized DB Access

Apr 20, 2023 By Roman Wagner In Code Intelligence
We have found a new vulnerability in MySQL Connector/J (CVE-2023-21971). Oracle issued a critical path update that fixed the issue on April 18, 2023. The vulnerability was found as part of our collaboration with Google’s OSS-Fuzz.
Read Post

Secrets Detection JFrog Security Workshop

Apr 20, 2023 By JFrog In JFrog
In today's software development world, developers rely on numerous secrets, including API keys, credentials, and passwords to facilitate seamless interaction between application components as they code. Failing to remove these secrets can have disastrous consequences for businesses, making it essential to find and fix them before release.
View Video

Stronger Together, RSAC 2023: Navigating security events with cyber partners

Apr 20, 2023 By Corelight In Corelight
Whether you’re attending RSA or not, one thing is for certain - attackers are always at work. Furthermore, attackers are always working together without red tape like we have within our corporate infrastructure. That’s why Mandiant/Google, Stairwell, SnapAttack, Nozomi Networks, SentinelOne, and Corelight are hosting a webinar before RSAC 2023 to show how Defenders are also Stronger Together. There is no silver bullet in the cybersecurity space, so come get the conversation started early in an executive panel as we explore how each executive/organization is addressing.
View Video

An Insider's View: The Updated OWASP API Top 10

Apr 20, 2023 By Salt Security In Salt Security
Stephanie Best, Director of Product Marketing, and Yaniv Balmas, VP of Research at Salt Labs, discuss what you need to know about the new 2023 OWASP API Security Top 10 release candidate. As a member of the OWASP committee that helped shaped the latest report, Yaniv takes you behind the scenes to learn what changed, what stayed the same, and why these decisions were made.
View Video

LC101: Extending the LimaCharlie platform

Apr 20, 2023 By LimaCharlie In LimaCharlie
LimaCharlie is a cybersecurity middleware platform to connect sources of security telemetry, automate activity based on what's being observed, and forward data where you need it. LimaCharlie puts you in complete control of your data, allowing you to build the security program that your organization wants and needs. As powerful as the LimaCharlie platform is, we recognize that sometimes analysts need to send data elsewhere, or integrate specific tools for security control testing and incident response. In Part 3 of our LC101 series, we’ll look at options for extending the LimaCharlie platform.
View Video

Introducing Bitsight Third-Party Vulnerability Response

Apr 20, 2023 By BitSight In BitSight
Bitsight Third-Party Vulnerability Response empowers organizations to take action on high priority incidents at a moments notice. Learn how to initiate vendor outreach and track responses to critical vulnerabilities through scalable templated questionnaires —with tailored exposure evidence— for more effective remediation. And grow and build trust across your ecosystem without worrying about expanded risk. Vulnerability Response not only facilitates communication with vendors but also allows you to track responses with more precision, coupling automated, bulk outreach with status updates and insights.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.