Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

levelblue

Prevent, Detect, Contain: LevelBlue MDR's Guide Against Black Basta Affiliates' Attacks

Mar 7, 2025 By Ken Ng In LevelBlue
Between December 2024 and February 2025, the LevelBlue MDR team saw over a dozen attempts and a handful of successful intrusions by threat actors (TAs). Internally, we broadly attribute these attacks to the Black Basta ransomware gang. As outlined by other cybersecurity researchers’ reporting of similar tactics, techniques, and procedures (TTPs) observed; there is a high probability that this activity is from affiliate groups or initial access brokers.
Read Post
centripetal

Security Bulletin: Arbitrary Command Execution in Kibana

Mar 7, 2025 By Lauren Farrell In Centripetal
On Wednesday, March 5th, Kibana disclosed a security vulnerability with a Critical CVSS score of 9.9 impacting versions 8.15.0 through 8.17.2, with 8.17.3 being patched to fully remediate the vulnerability. The vulnerability, known as prototype pollution, revolves around the malicious crafting of file uploads and the sending HTTP requests leading to arbitrary code execution on the host machine.
Read Post
stripe olt

Stripe OLT Joins Microsoft FastTrack Program

Mar 7, 2025 By Stripe OLT In Stripe OLT
It’s undeniable that cyber threats are becoming more sophisticated, and SMEs are facing increasing risks. Ransomware attacks, data breaches, and supply chain vulnerabilities are all on the rise, with smaller businesses being hit hardest due to limited security resources and technical expertise. At Stripe OLT, we don’t just recognise these challenges – we’re here to help you tackle them.
Read Post
11:11 systems

The Hyperdrive for Your Data

Mar 7, 2025 By Laura Shafer In 11:11 Systems
Whether it needed to outrun Imperial fighters or make the Kessel Run in less than 12 parsecs, the Millennium Falcon simply couldn’t work its magic without a functioning hyperdrive. Similarly, today’s business enterprises need a way to move vast amounts of data quickly, securely, and without interruption—but relying on the public internet simply isn’t cutting it. Data is one of the most valuable resources a business can have.
Read Post
ignyte Team

Guide: What is the CMMC-AB (Accreditation Body)?

Mar 7, 2025 By Max Aulakh In Ignyte
Every year that goes by shows an improvement in technology, often by leaps and bounds over previous technology. What used to be the realm of far-off science fiction so unbelievably exotic that it defined genres is now a commonplace reality. With new technology comes new threats. We’ve seen a dramatic increase in digital threats, from the SolarWinds supply line attack, to the compromised Outlook services, to the currently-ongoing Salt Typhoon attack on telecom companies.
Read Post

#196 - Security challenges in the Arctic with Deepak Dutt, Founder of Zighra

Mar 7, 2025 By LimaCharlie In LimaCharlie
On this episode of The Cybersecurity Defenders Podcast, we talk about security issues in the Arctic with Deepak Dutt, Founder of Zighra. Deepak is a technology leader and entrepreneur on a mission to secure the future against AI-powered threats and to inspire founders to transform their ideas from zero to meaningful impact. Deepak’s career began in the software space, inspired by his father’s passion for technology. In his late teens, he founded his first company in the eLearning space, which he successfully led to an acquisition, relocating to Ottawa at the age of 21.
View Video

LimaCharlie Playbooks demo

Mar 7, 2025 By LimaCharlie In LimaCharlie
LimaCharlie Playbooks expand the use of Python in the SecOps Cloud Platform (SCP), letting users reduce the learning curve for leveraging advanced capabilities in our platform. While the current format of our detection and response rules remain highly effective, our playbooks make much of the same functionality available to Python scripts. Playbooks also give users extreme control and granular functionality over certain operations that LCQL does not.
View Video
mend

AI Governance in AppSec: The More Things Change, The More They Stay the Same

Mar 7, 2025 By Aurora Starita In Mend
Every hype cycle brings fresh security concerns, and AI is no exception. AI governance might sound like uncharted territory, but it’s really just another evolution of the same security principles AppSec teams have been applying for years. The fundamentals—secure coding, risk management, compliance, and policy enforcement—haven’t changed.
Read Post
vanta

The founder's guide to accelerating growth with compliance

Mar 7, 2025 By Vanta In Vanta
For founders of early-stage startups, growth is the North Star. You’re focused on building a great product, winning customers, and scaling fast. Security compliance? It’s probably not on your radar—but it should be. ‍ The reality is, compliance isn’t just a nice to have or a box to check when a customer asks to see a SOC 2 report. It’s a revenue accelerator.
Read Post
obrela

Why Organisations Still Fall Victim to Phishing and How to Avoid It

Mar 7, 2025 By Obrela In Obrela
Phishing remains a significant threat to organisations, despite advancements in cybersecurity. The tactics used in phishing attacks have evolved significantly. Attackers now use advanced techniques like spear phishing, targeting specific individuals or roles within an organisation, and clone phishing, which duplicates legitimate messages but includes malicious links.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.