Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

API Security: 200 is Not Always Okay, and How to Cope with This

Dec 3, 2024 By Graylog In Graylog
While a 200 OK status often signals success, its appearance can be deceiving, especially when it cloaks significant threats within API interactions. This session expands on the critical role of APIs as part of the broader attack surface essential for robust Threat Detection, Identification, and Response (TDIR) programs. We’ll explore intricate case studies where seemingly successful responses harbored risks that bypass traditional monitoring. Learn how to enhance your SIEM capabilities by effectively detecting anomalies in API traffic, ensuring that every layer of interaction is scrutinized—not just the surface.
View Video
cloudflare

From deals to DDoS: exploring Cyber Week 2024 Internet trends

Dec 3, 2024 By João Tomé In Cloudflare
In 2024, Thanksgiving (November 28), Black Friday (November 29), and Cyber Monday (December 2) significantly impacted Internet traffic, similar to trends seen in 2023 and previous years. This year, Thanksgiving in the US drove a 20% drop in daily traffic compared to the previous week, with a notable 33% dip at 15:45 ET. In contrast, Black Friday and Cyber Monday drove traffic spikes. But how global is this trend, and do attacks increase during Cyber Week?
Read Post
bitsight

PROXY.AM Powered by Socks5Systemz Botnet

Dec 3, 2024 By Bitsight TRACE In BitSight
A year ago, Bitsight TRACE published a blog post on Socks55Systemz,a proxy malware with minimal mentions in the threat intelligence community at the time. In that post, we correlated a Telegram user to the botnet operation and estimated its size at around 10,000 compromised systems. After a year-long investigation, we are shedding new light on these conclusions.
Read Post
netacea

Protecting Your Business from Web Scraping as a Service

Dec 3, 2024 By Alex McConnell In Netacea
Since the early days of the World Wide Web, automated scripts known as bots have been crawling cyberspace, collecting data for various purposes. Initially, these bots were designed to be helpful, cataloging information much like search engines such as Google and Bing do today. However, the volume of automated requests has grown significantly. Today, bots account for a substantial portion of web traffic, costing businesses considerable resources to handle unwanted or malicious requests.
Read Post
Arctic Wolf

CVE-2024-42448: Veeam Discloses Critical RCE Vulnerability in Service Provider Console

Dec 3, 2024 By Andres Ramos In Arctic Wolf
On December 3, 2024, Veeam disclosed a critical vulnerability within the Veeam Service Provider Console (VSPC), tracked as CVE-2024-42448, which was discovered during internal testing. VSPC is a management tool designed for service providers to manage customer backups. The vulnerability allows a remote threat actor to perform Remote Code Execution (RCE) on the VSPC server machine from an authorized VSPC management agent machine.
Read Post
WatchGuard

New NIST Guidelines: Rethinking Passwords

Dec 3, 2024 By Sam Manjarres In WatchGuard
The National Institute of Standards and Technology (NIST) issued a new perspective on password management policies, recognizing that many traditional practices used to ensure password security are no longer effective. The suggested practices to eliminate include not requiring periodic password changes, reducing restrictions on special characters, and discontinuing the use of security questions for account recovery.
Read Post
Torq

5 Secrets of a SOC Leader Turned Field CISO

Dec 3, 2024 By Patrick "PO" Orzechowski In Torq
Torq is thrilled to have Patrick Orzechowski (also known as “PO”) on board as our new Field CISO, bringing his expertise and years of experience as a SOC leader to our customers. PO is a seasoned security veteran with a deep understanding of the modern security landscape. By way of introduction, below he shares his five top pieces of advice for SOC leaders facing today’s security challenges.
Read Post

How to Hide & Disable default WP Login form? | WordPress SSO Security

Dec 3, 2024 By miniOrange In miniOrange
Say Goodbye to Login Hassles with WordPress SSO! Tired of remembering multiple passwords on your WordPress site? With miniOrange's Hide and Disable WordPress Login feature, you can completely hide the default login form and implement a Single Sign-On WordPress option with your preferred Identity Provider. This game-changing solution not only simplifies access but also elevates your WordPress admin login security.
View Video

Web Shell Upload Via Extension Blacklist Bypass - Part 2

Dec 3, 2024 By VISTA InfoSec In VISTA InfoSec
Web shell attacks are a critical and growing threat, often evading traditional defenses. In this Part 2 of our exploration into web shell attacks, we uncover how attackers leverage extension blacklist bypasses to upload malicious web shells and compromise systems. Stay informed! Like, comment, and subscribe for more expert insights into cyber threats and effective defense strategies. For Collaboration and Business enquiries, please use the contact information below.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.