Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Zero-day RCE vulnerability found in CUPS - Common UNIX Printing System

On September 27, 2024, evilsocket.net (Simone Margaritelli) published information about several vulnerabilities in CUPS (Common UNIX Printing System), which can allow for arbitrary remote code execution (RCE). There are currently 4 CVEs associated with these findings, with potentially more on the way. There is also some debate about the severity of these vulnerabilities, however, one of the CVEs was initially given a CVSS score of 9.9. We will update this blog if new information becomes available.

Monitor Slack audit logs with Datadog Cloud SIEM

Millions of enterprise users rely on Slack every day as their primary tool for instant communications and information sharing. Because of its central role in operations, Slack inevitably handles sensitive data and critical business information—which also makes it a high-value target for attackers. For this reason, it’s critically important for security teams to detect and respond to security threats against Slack.

Common Facebook Messenger Scams and How To Avoid Them

Some common scams on Facebook Messenger include requests for authentication codes, fake charity pages asking for donations, messages offering investment advice or even fake giveaways. Facebook Messenger is a messaging service that allows you to share photos, videos and messages with your friends on Facebook. Continue reading to learn what Facebook Messenger scams are, some common scams you may encounter while using Facebook and how you can prevent becoming a victim of these scams.

The IT Hour | macOS Keychain Protection & Fall Releases 09.27.24

Tom Bridge is back to tell us about macOS Keychain Protection & Fall Releases. Join us at 11:30 am ET The #IT Hour hosted by #JumpCloud is a #communityprogram focused on the life of #ITAdministrators. With the ever changing #ITlandscape, having community and professional networking opportunities is very valuable.

Vodafone Idea has achieved PCI DSS 4.0 Certification.

Telecom Service Provider Vodafone Idea Limited (VIL), announced that it had become the first telco in India to achieve the Payment Card Industry-Data Security Standard version 4.0 (PCI DSS 4.0) certification for its retail stores and payment channels. The PCI DSS 4.0 certification is already mandated by RBI Guidelines for banking and financial institutions in India.

Friday Flows 35: Tines Workbench showcase

Tines Workbench is here, a true evolution in how automation and AI is leveraged within operations for security and IT. If you missed it, Workbench is a Tines-powered AI chat interface where you can take action and access proprietary data in real-time, privately and securely. In this episode of Friday Flows, Cameron welcomes security researcher Michael Tolan, who showcases Workbench's capabilities by focusing on a suspicious Okta login.

Friday Flows episode 36: Using Tines Workbench for asset and vulnerability management

Michael Tolan from Tines Labs returns with Cameron for another episode on Tines Workbench. In case you missed it, Workbench is a Tines-powered AI chat interface where you can take action and access proprietary data in real-time, privately and securely. This episode leverages Workbench to make a tedious process extremely simple to handle. For any teams spending a lot of time on asset and vulnerability management, this is a must-watch!

Friday Flows Episode 33: From traditional SOAR to Tines automation, an engineer's perspective

Part 2 of Cameron's conversation with solutions engineer and experienced SOAR engineer Sif Baksh features a quick walkthrough of a simple but powerful workflow. This is a really interesting use of Tines Pages & Resources to simplify an impactful security use case. It also leverages GitHub and Cobalt Strike.