Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Random but Memorable - Episode 13.2: Worst Computer Outage Apocalypse with Geoff White

Aug 6, 2024 By 1Password In 1Password
What was the cause of the worst cyber event in history? In Watchtower Weekly, we unpack how a small bug in Crowdstrike software caused an outage apocalypse across the globe. Agony Aunt Roo also answers all your security woes in #Ask1Password. Plus, we welcome back friend-of-the-show Geoff White, for story time as he gives a peek into his latest book: Rinsed. Settle in, as Geoff reveals how much technology has revolutionized money laundering, from drug cartels washing their cash in Bitcoin to organized fraud gangs recruiting money mules on social media.
View Video
Forescout

Firmware Vulnerabilities Run Rampant in Cellular Routers

Aug 6, 2024 By Forescout Research - Vedere Labs In Forescout
The current state of OT/IOT security is being repainted with a new coat of risk. The shade of color? Cellular routers and the vulnerabilities within firmware. In our new report with Finite State, our joint research explores the risks organizations face within the software supply chains of OT/IoT routers. Hardware has firmware – operational software – within its memory components.
Read Post
splunk

LLM Security: Splunk & OWASP Top 10 for LLM-based Applications

Aug 6, 2024 By James Hodgkinson In Splunk
As a small kid, I remember watching flying monkeys, talking lions, and houses landing on evil witches in the film The Wizard of Oz and thinking how amazing it was. Once the curtain pulled back, exposing the wizard as a smart but ordinary person, I felt slightly let down. The recent explosion of AI, and more specifically, large language models (LLMs), feels similar. On the surface, they look like magic, but behind the curtain, LLMs are just complex systems created by humans.
Read Post
levelblue

Hijacked: How Cybercriminals Are Turning Anti-Virus Software Against You

Aug 6, 2024 By Fernando Dominguez In LevelBlue
LevelBlue Labs has identified a new evolution in the toolset of threat actors. Threat actors are hijacking legitimate anti-virus software to carry out malicious activities undetected. A new tool, named SbaProxy, has been found masquerading as legitimate anti-virus components to establish proxy connections through a command and control (C&C) server.
Read Post
Trustwave

Trustwave Managed Vulnerability Scanning Shines a Light on Vulnerabilities

Aug 6, 2024 By Trustwave In Trustwave
The digital landscape constantly shifts, presenting exciting opportunities and lurking threats for businesses of all sizes. In this ever-evolving environment, maintaining a secure network is no longer a luxury; it's a necessity. However, achieving true security requires more than just firewalls and antivirus software. It demands a comprehensive understanding of your network's vulnerabilities – the chinks in your digital armor that attackers could exploit.
Read Post
ionix

Is Gartner Waving 'Bye Bye Bye' to EASM?

Aug 6, 2024 By Marc Gaffan In IONIX
TLDR: The ways that organizations find and fix security exposures have been flawed for years. Traditional vulnerability management (VM) programs have failed to address the core issues. What’s worse, the relatively new category of External Attack Surface Management (EASM) has not solved the problems it aimed to solve. But hope, in the form of Exposure Management, is on the way.
Read Post
netacea

Why Do Credential Stuffing Bots Target Live Streaming Events?

Aug 6, 2024 By Alex McConnell In Netacea
Streaming services are one of the most popular targets for cybercriminals. Using automated bots, attackers steal millions of streaming accounts each month. Adversaries quickly sell these via illegal marketplaces to make massive profits. Although any streaming service is vulnerable to account takeover and credential stuffing attacks, there are additional risks and damages when live event streaming is on offer.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.