Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

netacea

Why should businesses move from a bundler to a bot expert?

Apr 14, 2021 By Sabrina In Netacea

Traditionally, when selecting a bot management solution, businesses have chosen a multi-purpose security bundle bolted on to a content delivery network (CDN), typically a product such as an Akamai or CloudFlare CDN. While bolt-on bot solutions have their benefits, they lack the comprehensive feature set needed to combat the ever-growing bot threat.

Read Post
jfrog

Automatically Assess and Remediate the SolarWinds Hack

Apr 14, 2021 By Frank Zhu In JFrog

With software supply chain attacks on the rise, are you wondering how you can recover quickly from the recent SolarWinds breach at your company? Months after its discovery, the devastating SolarWinds hack remains a top concern for business, government and IT leaders. This destructive supply chain attack put the spotlight on software development security — a critical issue for the DevOps community.

Read Post
alienvault

Advanced mobile protection through the AlienApp for MobileIron

Apr 13, 2021 By Ziv Hagbi In AT&T Cybersecurity

Companies of all sizes need clear and cohesive security visibility over every aspect of their organization. As data and assets are trending to mobile, it’s critical to be equipped with the right tools to gain insights on mobile devices and users on the endpoints and mitigate threats whenever needed.

Read Post

OWASP Top 10 API security vulnerabilities | API security risks

Apr 13, 2021 By Cyphere In Cyphere
OWASP API security top 10 is an API security project that focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of Application Programming Interfaces (APIs). Through community-led projects globally, it is a great source for tools, resources, education & training for developers and technologists to secure the web and mobile applications. This community has also produced some of the best testing guides, cheat sheets, methodologies and a lot of community work for which all of us are grateful.
View Video
appknox

5 Ways Your Cryptocurrency May be Hacked

Apr 13, 2021 By Erika Rykun In Appknox

Over time technologies evolved and now things that seemed to be not possible several years ago become the reality. Now you can order food, services, and basically anything you need online, and pay for it without leaving home. No surprise here, that cash payments are becoming a relic of the past. Along with wireless payments like Google or Apple pay (that still require assigning a banking account or card i.e. physical currency), the cryptocurrencies like Bitcoin are getting widely used.

Read Post
sysdig

Unveil hidden malicious processes with Falco in cloud-native environments

Apr 13, 2021 By Kaizhe Huang In Sysdig

Detecting malicious processes is already complicated in cloud-native environments, as without the proper tools they are black boxes. It becomes even more complicated if those malicious processes are hidden. A malware using open source tools to evade detection has been reported. The open source project used by the malware is libprocesshider, a tool created by Sysdig’s former chief architect Gianluca.

Read Post

Bits of Security, Snyk.io: Stranger Danger: Finding Security Vulnerabilities Before They Find You!

Apr 13, 2021 By Datadog In Datadog
Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk, since you’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce critical vulnerabilities into your application, exposing your application and your user's data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we'll explain why it happened, show its impact, and—most importantly—learn how to avoid or fix it.
View Video

Bits of Security, PedidosYa: Fraud Detection using Datadog and Sherlock

Apr 13, 2021 By Datadog In Datadog
From day one, most organizations,especially the big ones, are targeted with a broad range of attacks. These range from information exfiltration attempts to fraud. Although a great majority of them can be addressed with the help of a Web Application Firewall, there are some that require more extensive tooling. Join me as I show you how we use Sherlock and Datadog to block 30,000+ fraudulent users per week in seconds. We will also discuss other applications and how you can implement similar solutions.
View Video
xona systems

Taking an IT-Focused Approach to Securing OT Remote Operations at Municipal Utilities May be Risking Lives

Apr 13, 2021 By Bill Moore In Xona

The Oldsmar, Florida, water breach is two months behind us, but the lessons learned will continue to reverberate for thousands of budget-constrained municipal utilities in North America, as well as other regions across the world.

Read Post
netskope

Cloud Threats Memo: LinkedIn Spearphishing and Malware-as-a-Service

Apr 13, 2021 By Paolo Passeri In Netskope

‘More_eggs’ is a backdoor sold as a “malware-as-a-service” (MaaS) by a threat group known as “Golden Chickens” and predominantly used by three criminal groups: FIN6, Cobalt Group, and Evilnum. In the latest campaign, unearthed by researchers from eSentire and targeting a professional working in the healthcare technology industry, a threat actor is exploiting fake job offers on LinkedIn to deploy the ‘More_eggs’ backdoor on the victim’s machine.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.