Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Concerning Lack of Transparency in Bug Bounty Programs

In this video, James Rees shares his concerns about the lack of transparency in bug bounty programs. He highlights the fact that testers are not always properly vetted or regularly checked, leaving companies unsure of who is testing their systems. He also notes that certain regions tend to have more malicious actors, raising questions about the validity of testers from those areas. This lack of transparency can be concerning for companies and users alike, and James encourages more accountability and validation measures to be put in place for bug bounty programs.

8 Dangerous Ransomware Examples

The threat of ransomware has been ever present in 2020, especially in high-stakes industries like healthcare and those involved in the election. According to Verizon's 2019 Data Breach Investigations Report, 24% of security incidents that involved specific malware functionality exhibited ransomware functionality.

Expert Advice on Why You Should Automate Server Hardening

We recently engaged in a conversation with our team of experts regarding their ongoing server hardening project. We inquired about the obstacles encountered during manual hardening procedures and asked if they’d be willing to explain the underlying reasons for issues that arise when automation is not employed. Their latest encounter with a client provided a valuable opportunity to further expound on strategies to mitigate these challenges.

What Is DNS Spoofing and How Can You Prevent It?

Have you ever typed in a website’s address and ended up somewhere completely different? Or received emails from what appears to be a familiar company, but with suspicious links that lead to unfamiliar pages? These scenarios may be the result of DNS spoofing, a type of cyber-attack that can leave your sensitive information vulnerable. In this blog post, we’ll dive into what DNS spoofing is, how it works, who is at risk, and most importantly – how you can prevent it.

KnowBe4

KnowBe4 is the provider of the world's largest integrated platform for security awareness training combined with simulated phishing attacks. Join our more than 56,000 customers to manage the continuing problem of social engineering.

How Investing in Security Testing Can Save You Money and Reputation | Megan Brown

Megan Brown, the Head of International Sales at LogicGate, explains how investing in security testing can have a positive impact on your organization’s cyber risk, legal and compliance issues. She talks about how security testing can help you get better rates and coverage from your cyber insurance providers, as well as meet the expectations of your customers. She also discusses the changing standards of security testing and why you need to go beyond just showing your SOC 2 or ISO certifications. Watch this video to learn more about how investing in security testing can benefit your organization in multiple ways.

NetSPI Finds a Power Platform Vulnerability. 4 Things to Do About It

Recent research from penetration testing company NetSPI found that Azure on-premises data gateways allow Power Platform and Power BI to access customer resources and databases. Threat researchers found that these gateways can communicate with Power Platform through an Azure service called Azure Relay (previously known as Azure Service Bus).

Securing the Internet of Things: Understanding the Basics of IoT Security

The Internet of Things (IoT) is a network of interconnected physical objects that are embedded with different kinds of technology, such as sensors, processors, transceivers, or actuators. This technology allows IoT devices to collect and exchange data with each other over the internet or through dedicated wireless networks, enabling them to interact with the physical world in various ways. As the number of IoT devices continues to grow, so too does the need for proper security measures.

The 3CX Supply Chain Attack - Exploiting an Ancient Vulnerability

Supply chain attacks are one of the top concerns for any organization, as they exploit (no pun intended) the inherited trust between organizations. Recent examples of similar attacks include SolarWinds and Kaseya. On March 29th, a new supply chain attack was identified targeting 3CX, a VoIP IPBX developer, with North Korean nation-state actors as the likely perpetrators.