Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

netwrix

Understanding NTLM and Kerberos: Key Differences and Use Cases

Mar 26, 2025 By Joe Dibley In Netwrix
Connecting all your company resources in a network for sharing is valuable, but you need a way to verify that only authorized users and devices can access these resources. Authentication serves this purpose by providing methods for users and devices to prove their identity. In Windows environments, two main authentication protocols are used: NTLM (New Technology LAN Manager) and Kerberos. In this article we will discuss NTLM vs Kerberos and show why it is important to implement Kerberos if possible.
Read Post
nightfall

Insider Risk with Nightfall DLP: Episode 2 - Managing Shadow AI

Mar 26, 2025 By Chris Martinez In Nightfall
Earlier this year, security researchers found more than 1 million records, including user data and API keys, in an exposed DeepSeek database. This massive exposure event tells us that data exfiltration risk and AI proliferation are forever linked together: as AI tools grow in popularity and complexity, exfiltration risk rises in kind.
Read Post
graylog

Adversary Tradecraft: Emulating Mustang Panda's Use of MAVInject in Recent Campaigns

Mar 26, 2025 By Graylog Security In Graylog
In cybersecurity, the adage “what’s old is new” continues to hold true as attackers resurface longstanding techniques or repurpose them with new twists and adaptations. The popularization of Living Off the Land Binaries (LOLBins) — legitimate, Windows-native tools commonly abused for malicious uses — is a great example of this.
Read Post
centripetal

Security Bulletin: Critical Vulnerabilities in Kubernetes Ingress NGINX Controller

Mar 26, 2025 By Lauren Farrell In Centripetal
CVE-2025-1974 is a critical remote code execution (RCE) vulnerability in Kubernetes’ Ingress-NGINX Controller that allows unauthenticated attackers with network access to inject arbitrary NGINX configuration directives, potentially leading to full cluster compromise. Ingress-NGINX is a software-only ingress controller provided by the Kubernetes project. Because of its versatility and ease of use, ingress-nginx is quite popular: it is deployed in over 40% of Kubernetes clusters.
Read Post
centripetal

Does Higher Ed Mean Higher Risk? Why University Campuses Are Under Threat

Mar 26, 2025 By Lauren Farrell In Centripetal
Universities are built for openness, but that openness comes with a steep price. Higher education institutions face an average of 3,574 cyberattacks per week, the highest of any industry. With open networks, unmanaged devices, and critical research infrastructure, they have become a prime target for cybercriminals, nation-state actors, and ransomware groups.
Read Post
elastic

Hunting with Elastic Security: Unmasking concealed artifacts with Elastic Stack insights

Mar 26, 2025 By Justin Higdon In Elastic
Attackers thrive in the shadows, using MITRE ATT&CK T1564 - Hide Artifacts to cloak their presence with hidden files, concealed processes, and manipulated registry keys. These stealth tactics allow adversaries to evade detection, persist undetected, and escalate their access — all while quietly exfiltrating data or disrupting operations. Imagine files, processes, and even user accounts disappearing in your environment without a trace.
Read Post
Tines

Smarter collaboration begins with Tines Pages

Mar 26, 2025 By Hannah Roy In Tines
When we first introduced Pages, it started with a few updates to our forms tool. We took a simple form and added more dynamic page elements and a formal page editor. That led to granular access, customization, and so much more to make it the powerful feature it is today. Now, teams can build polished and efficient apps for stronger collaboration and communication across the entire organization.
Read Post
securitysenses

What is SEO in SaaS?

Mar 26, 2025 By SecuritySenses In SecuritySenses
The success of a Software-as-a-Service business hinges on its online visibility. One of the most crucial aspects of achieving that visibility is Search Engine Optimization. But only a few know what exactly SEO means for SaaS companies, and how it differs from traditional practices. In this article, we will explore the significance of SEO for SaaS, how it works, and the specific strategies that can help SaaS businesses rank higher on search engines.
Read Post
securitysenses

Master Malware Analysis: Boost Your Skills with This In-Depth Course

Mar 26, 2025 By SecuritySenses In SecuritySenses
In today's rapidly changing technological landscape, information quickly becomes outdated. That's why strong practical skills and experience are so important for tech specialists. A solid skillset guarantees that they'll be ready to explore the uncharted territory of constantly evolving tools and emerging threats. But how do you achieve that as an aspiring cybersecurity specialist? Despite the fact that cybercrimes are on the rise and cybersecurity specialists are in high demand, there aren't many educational products that offer relevant hands-on knowledge in this field.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.