Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Rubrik

WED2B Prevents Disruption from Ransomware Attack Using Rubrik in 24 Hours

Jan 12, 2022 By Aubrey Champagne In Rubrik

It was 11 PM on a Friday in November of 2019. WED2B IT systems administrator Jamie Jeeves started receiving a barrage of email alerts warning that antivirus (AV) clients were crashing in the company’s central office. All prospects for a relaxing weekend vanished when Jeeves logged into the remote system to investigate the AV shutdowns. While checking the network’s file share, Jeeves noticed they were in trouble. Mass encryption of data was underway.

Read Post

CISO Insider - S3E1 - Radical transparency with Robert Former

Jan 12, 2022 By Nightfall In Nightfall
In our Season 3 premiere of CISO Insider, Acquia VP of Security and CISO Robert Former discusses working as a cybersecurity leader today. Robert shares how radical transparency has helped him at every step of his career: making the right decisions for his org by accepting the right levels of risk, effectively managing data security and compliance in a Platform as a Service environment, and maintaining the connections necessary to make remote work successful.
View Video

PCI DSS Compliance Check List & Best Practices You Should Be Knowing

Jan 12, 2022 By VISTA InfoSec In VISTA InfoSec
PCI DSS can be very challenging for businesses to achieve, especially when they have limited resources to get things in place. Moreover, understanding the requirements and implementing measures to meet the 12 PCI DSS requirement is altogether a different challenge. Businesses need to consider many aspects when undergoing an Audit and ensuring it is a success. Achieving PCI DSS Compliance requires establishing, updating, and constantly reviewing policies, procedures, and processes. This in turn ensures securing of sensitive data and IT Infrastructure.
View Video

7 Best Security Practices to Protect Against the Main Types of Attacks on Web Applications

Jan 12, 2022 By Indusface In Indusface
As the world becomes more digital and interconnected, futuristic technologies such as IoT, 5G technology, quantum computing, and AI are bringing in limitless opportunities along with a whole range of threats and risks. The result – web application attacks are commonplace today with businesses being affected every day. About Indusface: Indusface is a SaaS company that secures critical Web applications of 2000+ global customers using its award-winning platform that integrates Web application scanner, Web application firewall, CDN, and threat information engine.
View Video
CrowdStrike

noPac Exploit: Latest Microsoft AD Flaw May Lead to Total Domain Compromise in Seconds

Jan 11, 2022 By Alex Talyanski In CrowdStrike

Microsoft recently published two critical CVEs related to Active Directory (CVE-2021-42278 and CVE-2021-42287), which when combined by a malicious actor could lead to privilege escalation with a direct path to a compromised domain. In mid-December 2021, a public exploit that combined these two Microsoft Active Directory design flaws (referred also as “noPac”) was released.

Read Post
alienvault

Introducing next-generation firewall from Palo Alto Networks to support 5G-enabled IoT, OT and IT use cases

Jan 11, 2022 By Lisa Ashjian In AT&T Cybersecurity

Enterprises know they need defenses integrated into each aspect of their network while not being an inhibitor to innovation. Digital transformation realized through new 5G-enabled IoT, Operational Technologies (OT) and IT use cases are no exception. Therefore, security teams need to take a closer look at the best technology to support this innovation.

Read Post
CrowdStrike

CrowdStrike Services Offers Incident Response Tracker for the DFIR Community

Jan 11, 2022 By Paul Pratley, Mark Goudie In CrowdStrike

During a recent client engagement for a tabletop exercise (TTX), it became apparent that the client did not have a methodology for tracking indicators and building an incident timeline. The CrowdStrike Services team wanted to provide more information to our client on how incidents can and should be tracked, but nothing was available in the public domain.

Read Post
appknox

Understanding Insecure Direct Object References (IDOR)

Jan 11, 2022 By Rahul Kadavil In Appknox

IDOR is a broken access control vulnerability where invalidated user input can be used to perform unauthorized access to application functions. IDOR can result in sensitive information disclosure, information tampering etc. This issue was previously part of OWASP top 10 2007, later it was merged with OWASP top 10 A5 Broken Access control vulnerability.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.