Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Arctic Wolf

CVE-2024-6633: Critical Credential Vulnerability Affecting Fortra FileCatalyst Workflow

Sep 3, 2024 By Andres Ramos In Arctic Wolf
On August 27, 2024, Fortra published a security advisory regarding a critical credential vulnerability in FileCatalyst Workflow, identified as CVE-2024-6633. FileCatalyst Workflow is a managed file transfer solution used for exchanging large files across networks.
Read Post
Arctic Wolf

How a Security Operations Approach Can Prevent Man-in-the-Middle Attacks

Sep 3, 2024 By Arctic Wolf In Arctic Wolf
Here’s an endpoint you don’t often think about: your car. But if it’s Wi-Fi enabled, as many new models are, that means it resides at the end point of a network connection and can communicate on that network, making it an endpoint.
Read Post
trilio

Trilio: The Perfect Backup Solution for Red Hat OpenStack Services on OpenShift

Sep 3, 2024 By Kevin Jackson In Trilio
As infrastructure continues to evolve for scalability, tenancy and efficiency, there is a growing need for solutions that can bridge the gap between mature cloud offerings such as OpenStack and the ease of deployment, flexibility, and elasticity provided Kubernetes. Red Hat OpenStack Services on OpenShift or “RHOSO” offers a compelling solution for organizations looking to achieve this goal.
Read Post
armo

NEW: ARMO Platform Introduces Auto-Generation of Seccomp Profiles

Sep 3, 2024 By Yossi Ben Naim In ARMO
We are thrilled to announce the latest enhancement to ARMO Platform: Seccomp Profiles Leveraging eBPF. This feature uses eBPF to take the guesswork out of creating seccomp profiles. Thus, benefiting from the added security seccomp profiles provide, without the risk of “breaking” applications.
Read Post
cyberint

A Deep-Dive Into Initial Access Brokers: Trends, Statistics, Tactics and more

Sep 3, 2024 By Adi Bleih In Cyberint
Initial Access Brokers (IABs) are threat actors who infiltrate networks, systems, or organizations and sell this unauthorized access to other malicious actors. Instead of executing the entire cyberattack, IABs focus on the initial breach and monetize it by selling access to compromised systems. They assist ransomware operations, particularly RaaS schemes, by streamlining attacks and reducing workload at the start.
Read Post
Tines

"It's so important that the CISO gets a seat at the table": a Q&A with Trace3's Gina Yacone

Sep 3, 2024 By Tines In Tines
A leading voice in cybersecurity, Gina Yacone is a trusted advisor to senior security leaders, guiding them through emerging trends and recommending strategies to strengthen defenses. She was also recently named Cybersecurity Woman Volunteer of the Year 2024. As regional and advisory CISO at the elite technology consultancy Trace3, she also participates in the Trace3 AI Center of Excellence (CoE) Champion Program, keeping her at the forefront of AI and security innovation.
Read Post

One AppSec Platform. One Price.

Sep 3, 2024 By Mend In Mend
������ ������������ ����������������.������ ����������. Application security is necessary – our platform makes it effortless Mend.io's proactive platform finds and fixes vulnerabilities before they hit your codebase with a new unified AppSec platform.
View Video

Shifting From Reactivity to Proactivity in AppSec with Phil Guimond - Secrets of AppSec Champions

Sep 3, 2024 By Mend In Mend
"In Episode 03 of the SAC | Secrets of AppSec Champions podcast titled ""Compromised: Proactive to Reactive,"" hosts Chris Lindsey and guest Phil Guimond tackle the critical distinctions between proactive and reactive security strategies. They emphasize the importance of access logging and visibility in detecting compromises early, pointing out how changes in access logs can signal potential threats. They stress the necessity of implementing secure, tamper-proof log storage and discuss automation solutions like the ""Have I Been Pwned"" API and CAPTCHA to mitigate risks such as account takeovers.
View Video
foresiet

Verkada Penalized $2.95M by FTC for Security Failures Exposing 150,000 Camera Feeds

Sep 3, 2024 By Foresiet In Foresiet
In a significant development in the cybersecurity domain, the Federal Trade Commission (FTC) has proposed a $2.95 million penalty against security camera vendor Verkada. The penalty stems from multiple security failures that allowed hackers to access live video feeds from 150,000 internet-connected cameras. These breaches exposed sensitive environments, including women's health clinics, psychiatric hospitals, prisons, and schools, highlighting the severe implications of inadequate security measures.
Read Post
foresiet

Critical Vulnerabilities in Microsoft macOS Apps Could Lead to Unrestricted Access for Hackers

Sep 3, 2024 By Foresiet In Foresiet
In a recent cybersecurity development, eight vulnerabilities have been identified in Microsoft applications for macOS. These flaws could potentially allow attackers to gain elevated privileges or access sensitive data by bypassing the operating system’s permissions-based security model. This blog delves into the nature of these vulnerabilities, their potential impact, and the steps that can be taken to mitigate the risks.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.