Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Feroot

Who Must Comply with CCPA? California Compliance Guide

Apr 24, 2025 By Feroot In Feroot
The California Consumer Privacy Act (CCPA) is the first comprehensive California data privacy law granting consumers control over how their personal information is collected, used, and shared. It was enacted in 2018 and took effect on January 1, 2020, signaling a national shift in privacy regulations. With increasing emphasis on transparency and accountability, businesses must now adhere to a new standard in consumer data protection California.
Read Post
Arctic Wolf

CVE-2025-34028: PoC Released for Critical RCE Vulnerability in Commvault Command Center

Apr 24, 2025 By Andres Ramos In Arctic Wolf
On April 24, 2025, watchTowr published technical details and a proof-of-concept (PoC) exploit for a critical vulnerability in Commvault Command Center, CVE-2025-34028, which had been disclosed earlier in April. Commvault Command Center is a web-based interface used to manage data protection, backup, and recovery operations across enterprise environments.
Read Post
knowbe4

Half of Organizations Lack Protection Against Email Spoofing

Apr 24, 2025 By Stu Sjouwerman In KnowBe4
A new report from Valimail has found that 50% of organizations lack effective protection against email spoofing. Specifically, many organizations have lenient DMARC policies that don’t actually prevent spoofing. DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol that helps prevent attackers from spoofing organizations that have the protocol in place.
Read Post
knowbe4

How Organizational Culture Shapes Cyber Defenses

Apr 24, 2025 By Javvad Malik In KnowBe4
Recently, I received an email at work from a company with whom I've had previous interactions. The email lacked context and contained an attachment, immediately raising suspicion. I reported it to our infosec team using the Phish Alert Button (PAB). A short while later, our team confirmed it was indeed a malicious email. Subsequently, the sender organization informed us that they had been compromised, and phishing emails had been distributed from their account.
Read Post

DevSec Next AI: AI-First Coding Workshop: Transforming Development Workflows

Apr 24, 2025 By Jit In Jit
This workshop introduces experienced engineers to AI-first coding - a paradigm where AI tools generate most of the code while developers focus on direction and refinement. ​We'll explore how large language models work underneath the hood, revealing practical techniques to maximize their effectiveness in development workflows. ​Participants will learn the powerful "Plan-then-Act" methodology, discover how to leverage context windows effectively, and implement structured memory bank approaches to maintain project continuity.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.