Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Detecting and Mitigating the "tj-actions/changed-files" Supply Chain Attack (CVE-2025-30066)

On March 14, 2025, StepSecurity uncovered a compromise in the popular GitHub Action tj-actions/changed-files. Tens of thousands of repositories use this action to track file changes, and it is now known to have been tampered with, posing a risk to both public and private projects. A CVE has been created for this issue: CVE-2025-30066.

Q&A with TGS President Bill Rucker on Trustwave's FedRAMP Authorization

Trustwave's recent completion of the FedRAMP authorization process increases our ability to provide exceptional service to the federal government, the defense industrial base, and those with Cybersecurity Maturity Model Certification (CMMC) requirements, especially with a cloud service offering. Working with the federal government is hardly new for Trustwave.

The Future of Threat Intelligence: Trends, Tools, and Tactics To Watch

In today’s evolving cyber landscape, threat intelligence has become a cornerstone of effective cybersecurity strategies. As cyber threats grow in sophistication and frequency, understanding emerging trends, adopting advanced tools, and implementing proactive tactics are essential for organisations aiming to safeguard their digital assets. Traditionally, threat intelligence has focused on reactive measures, analysing known threats to mitigate potential damage.

98% Spike in Phishing Campaigns Leveraging Russian (.ru) Domains

A KnowBe4 Threat Lab publication. Authors: Martin Kraemer, Jeewan Singh Jalal, Anand Bodke, and James Dyer. EXECUTIVE SUMMARY: We observed a 98% rise in phishing campaigns hosted on Russian (.ru) top-level domains (TLDs) from December 2024 to January 2025, primarily used for credential harvesting. These Russian .ru domains are run by so-called “bullet-proof” hosting providers that are known to keep malicious domains running and ignore abuse reports, which is ideal for cybercriminals.

Ensure Application availability with comprehensive Kubernetes Image and Containers Protection in hybrid and multi-cloud environments

We recently had a prospect that wanted to test our image and application recovery capabilities in a multi-cloud architecture. Currently they were using an internal OpenShift image registry to store their images, and they wanted/needed to migrate all their applications to a new cluster, and also wanted to use Red Hat’s quay.io to store the images from now on. This proved a very easy task for Trilio, as when we protect applications, we also protect the images.

What is risk & risk management in cyber security?

Cybersecurity risks are a constant and evolving threat. Organizations across industries face vulnerabilities from both internal and external sources, which, if not addressed, can disrupt operations, damage reputations and erode trust. And this is where a structured and comprehensive risk management strategy becomes critical. But what exactly is a risk in cyber security? And what is risk management? Keep reading and find out about essential best practices in cyber risk management.

Beyond EDR: Securing Your SaaS Attack Surface with LimaCharlie Adapters

The modern attack surface has shifted beyond endpoints to SaaS applications and cloud identities. Traditional security tools focused solely on endpoint telemetry miss sophisticated attacks that never touch the endpoint. Join Ken Westin to explore how LimaCharlie's adapters provide comprehensive visibility across your SaaS environment. We'll demonstrate collecting and analyzing telemetry from business-critical applications like 1Password and GitHub, plus newly supported platforms like HubSpot.