Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

What Are Attack Surfaces and How to Protect Them

Mar 16, 2022 By SecurityScorecard In SecurityScorecard
Attack surfaces are the different endpoints, subsidiaries, business units, and devices that a hacker could go after. For example: We have a client who had a Japanese subsidiary that spun up a server for QA testing. They used it for a couple of years and then forgot about it and stopped maintaining it. But the server was still there. And the attackers found it and tried to use it to break into the client’s infrastructure.
View Video
teleport

Most Common Authorization Vulnerabilities

Mar 16, 2022 By Sakshyam Shah In Teleport

Authorization vulnerabilities allow malicious users to perform unwanted actions or access resources that are deemed protected otherwise. Authorization vulnerabilities are one of the most widely found vulnerabilities in web applications. The OWASP top 10 list of web application security risks listed broken access control vulnerabilities as the number one risk in 2021, so understanding authorization vulnerabilities is an important topic for application security engineers.

Read Post
lookout

Lookout Helps a Large Oil and Gas Company Migrate to Cloud-Based Human Capital Management Software

Mar 16, 2022 By Hank Schless In Lookout

When a large oil and gas company in southeast Europe set out to migrate on-premises data and applications to public cloud infrastructure, they turned to Lookout to help address the myriad of security challenges that emerged. The Lookout Cloud Access Security Broker (CASB) solution with advanced Data Loss Prevention (DLP) provided the full breadth of integrated features needed to assure all data security and compliance considerations were met while allowing for open cloud data interaction.

Read Post
Snyk

Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine

Mar 16, 2022 By Liran Tal In Snyk

On March 15, 2022, users of the popular Vue.js frontend JavaScript framework started experiencing what can only be described as a supply chain attack impacting the npm ecosystem. This was the result of the nested dependencies node-ipc and peacenotwar being sabotaged as an act of protest by the maintainer of the node-ipc package.

Read Post
Feroot

3 Reasons Why JavaScript Security Is Important When Using Third-Party Code in Web Frameworks

Mar 16, 2022 By Feroot In Feroot

Modern web frameworks can simplify the web application development process dramatically, facilitating innovation and saving time. However, their use can come at a steep price if the framework contains vulnerable or malicious third-party code. JavaScript security can help protect against the dangers of third-party code making it key for use in web frameworks.

Read Post
archTIS

Microsoft 365 and Teams Secure File Sharing Tips

Mar 16, 2022 By Irena Mroz In archTIS

Microsoft 365 provides a powerful document management and collaboration platform. However, with so many applications available in the platform to store and share information internally and with external parties, such as partners, contractors and vendors, ensuring proper access and data security can be a challenge. In this blog we examine how to ensure secure file sharing in Microsoft 365 and Teams.

Read Post

#BigPictureCyber Town Hall With Glenn Gerstell, Senior Adviser to CSIS | 3/16/22 | NeoSystems

Mar 16, 2022 By NeoSystems In NeoSystems
NeoSystems #BigPictureCyber Town Hall Series: Join NeoSystems’ Chief Information Security Officer, Ed Bassett, for our weekly #BigPictureCyber Town Hall designed for the Defense Industrial Base and GovCon community. Each session features special guests and offers an opportunity for attendees to ask questions regarding CMMC and cybersecurity. Topics covered include CMMC compliance requirements, cybersecurity news, how to prepare for CMMC certification, and the latest updates from the CMMC AB.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.