Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

3 Best Practices to Save Yourself Zero-Day Exploits

Sep 26, 2022 By SecurityScorecard In SecurityScorecard
52% of attacks in 2021 began with a zero-day exploit. Here are 4 things you can do to make sure your organization is safe: Understand your attack surfaces from the outside. You need to understand how your external attack surface looks because that's how attackers break in. Have a patching program on hand. When a patch comes out from a software vendor, apply it as soon as possible. Then, rescan your entire attack surface to confirm that it’s applied properly. Build your network with resilience in mind.
View Video
CrowdStrike

The Anatomy of Wiper Malware, Part 3: Input/Output Controls

Sep 26, 2022 By Ioan Iacob - Iulian Madalin Ionita In CrowdStrike

In Part 1 of this four-part blog series examining wiper malware, the CrowdStrike Endpoint Protection Content Research Team introduced the topic of wipers, reviewed their recent history and presented common adversary techniques that leverage wipers to destroy system data. In Part 2, the team dove into third-party drivers and how they may be used to destroy system data.

Read Post
Arctic Wolf

CVE-2022-3236 - Remote Code Execution Vulnerability in Sophos Firewall

Sep 26, 2022 By Sule Tatar In Arctic Wolf
On Friday, September 23, 2022, Sophos disclosed a critical code injection vulnerability impacting Sophos Firewall. This vulnerability, assigned CVE-2022-3236, affects Sophos Firewall versions v19.0 MR1 (19.0.1) and older and could lead to remote code execution. In order for a threat actor to exploit this vulnerability, WAN access would need to be enabled for the Webadmin and User Portal consoles.
Read Post
signmycode

Free Code Signing Certificate - Where to Find One?

Sep 26, 2022 By SignMyCode In SignMyCode

As all software publishers are concerned about their code integrity and reputation, they select the best code signing certificate provider. Still, some search for the free code signing certificate. Now, you must be thinking, is there anything like a free code sign certificate. And, if it is, then from where you can avail of it. Code Signing Certificate is an integral part of executable files. And mainly, a publisher purchases it from an authorized vendor and provider.

Read Post

The 443 Podcast Episode 210 - An Uber Hack

Sep 26, 2022 By WatchGuard In WatchGuard
This week on the podcast, we cover Uber's most recent security incident and the alleged individual behind it. After that, we dive into the world of gas station operational technology and potential security weaknesses in one tool. Finally, we end with a chat about the FBI CISO Academy and how the FBI as a whole is trying to reshape relationships with the private sector. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.