Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Episode 5 - Detecting DNS Covert Channels in the Wild (Part 1)

Jan 1, 2026 By Corelight In Corelight
In Episode 5 of Corelight Defenders, I, Richard Bejtlich, engage with Corelight's co-founder and chief scientist, Vern Paxson, to delve into the intricate world of DNS covert channels. We explore how adversaries exploit DNS lookups to silently communicate within tightly controlled enterprise environments. Vern explains various methods attackers may use, from encoding data in seemingly benign domain names to manipulating the timing of requests. Our discussion highlights the challenges of detecting these covert channels, especially in the presence of network monitoring.
View Video
Understanding the Risks of Multi-Location Internet Connectivity

Understanding the Risks of Multi-Location Internet Connectivity

Dec 26, 2025 By SecuritySenses In SecuritySenses
Modern enterprises rarely live in one building anymore. Branches, stores, plants, and remote teams all depend on fast internet to reach apps and data. That reach is powerful, but it also multiplies the ways attackers can find you. The more doors you add, the more locks and alarms you need.
Read Post
Forward Networks

New Configuration Change History in Forward Enterprise

Dec 23, 2025 By Forward Networks In Forward Networks
Modern networks change constantly as teams modify interfaces, adjust routing, enable features, or deploy security controls. Over time, these individual updates create a complex configuration history that is rarely documented comprehensively. Without access to historical configuration data, engineers face significant challenges determining when changes occurred, whether they align with approved change windows, or how they influenced network behavior.
Read Post
Best Practices for Enterprise macOS Security: Tools, Techniques, and Detection Strategies

Best Practices for Enterprise macOS Security: Tools, Techniques, and Detection Strategies

Dec 23, 2025 By SecuritySenses In SecuritySenses
macOS data is increasingly targeted by hackers due to the sensitive information that Macs hold. Users require strong Mac cybersecurity measures to protect themselves from attacks. Combining Mac's built-in security features with third-party solutions provides hardened protection and continuous detection. Endpoint security for Mac best practices improve your enterprise macOS security. Implement secure configurations, effective device management, and real-time detection for advanced protection. Using a multi-protection strategy increases recovery speed and reduces the attack surface.
Read Post
Corelight

Inside the mind of a cybersecurity threat hunter part 3: hunting for adversaries moving inside your network

Dec 22, 2025 By Allen Marin In Corelight
Welcome back to our threat hunting series with Corelight and CrowdStrike. In our previous posts, we armed you with techniques to spot adversaries during Initial Access and how they establish Persistence to maintain their foothold. Now, we're diving into the shadowy dance of Defense Evasion and Lateral Movement.
Read Post
Corelight

Detecting CVE-2025-20393 exploitation: catching UAT-9686 on Cisco appliances

Dec 19, 2025 By David Burkett In Corelight
CVE-2025-20393 is a CVSS 10.0 Remote Code Execution (RCE) flaw in Cisco Secure Email Gateways currently being actively exploited by China-nexus groups. A recent advisory from Cisco Talos details how an actor dubbed “UAT-9686” is leveraging this vulnerability to target Cisco Secure Email Gateways (ESA) and Secure Email and Web Managers (SMA). The attack allows threat actors to execute arbitrary commands with root privileges and deploy persistence mechanisms.
Read Post
cato networks

The Partner Advantage: Turn Customer M&A Chaos Into Opportunity

Dec 18, 2025 By Jessica (Hatz) Blodgett In Cato Networks
Every merger or acquisition follows a familiar script: two companies, two networks, two security stacks, one clock. Partners who deliver Day-1 access quickly, then guide a clean path to standardization and modernization, help customers realize deal value sooner. Do that repeatedly and you become the trusted M&A partner across the portfolio.
Read Post
mend

Why AppSec and Network Risk Management Must Be Unified in the Modern Enterprise

Dec 18, 2025 By Tiffany Jennings In Mend
How Mend.io’s ServiceNow integration helps organizations manage application, network, and operational risks together—at scale. Managing AppSec and network risk as separate programs is no longer realistic for enterprise security teams. Today’s digital environments are interconnected, distributed, and constantly changing. A single misconfiguration, unpatched server, or vulnerable open-source component can become a point of exploitation when combined with weaknesses elsewhere in the stack.
Read Post
algosec

2025 in review: What innovations and milestones defined AlgoSec's transformative year in 2025?

Dec 18, 2025 By Adel Osta Dadan In AlgoSec
As we close out 2025, I find myself reflecting on what has been an extraordinary journey for AlgoSec. This year was marked by breakthrough innovations, significant industry recognition, and an unwavering commitment to our vision of secure application connectivity. From launching game-changing solutions to earning accolades on the global stage, 2025 challenged us to push boundaries – and we rose to the occasion with confidence and purpose.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.