Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Navigating Cybersecurity Compliance: The Need for GRC Tools and Strategic Oversight #podcast

Feb 11, 2024 By Razorthorn In Razorthorn
Delve into the complex world of cybersecurity compliance with our latest video, where we address the crucial question: How do you effectively track and manage diverse compliance requirements across the board? In an era where adhering to one set of regulations might not align with another, the need for a comprehensive GRC (Governance, Risk, and Compliance) tool becomes paramount.
View Video
algosec

5 Best Network Vulnerability Scanning Tools in 2024

Feb 11, 2024 By Tsippi Dach In AlgoSec
Network vulnerability scanning provides in-depth insight into your organization’s security posture and highlights the specific types of vulnerabilities attackers may exploit when targeting it. These tools work by systematically scanning your network environment — including all desktops, laptops, mobile endpoints, servers, and other assets for known weaknesses and misconfigurations. Your analyzer then produces a detailed report that tells you exactly how hackers might breach your systems.
Read Post
Rubrik

Announcing Amazon S3 Protection with Rubrik Security Cloud

Feb 9, 2024 By Mike Preston In Rubrik
Data is at the heart of nearly every business operation, and it’s critical to ensure the security and integrity of that data. Amazon Simple Storage Service (S3) has long been a popular choice for organizations seeking a scalable, cost-effective, and resilient storage solution for their data needs. In fact, nearly one million organizations around the world rely on Amazon S3 to store hundreds of exabytes of unstructured, business-critical data.
Read Post

Cybersecurity Dilemma: Balancing Government Involvement Without Sacrificing Security Budgets

Feb 9, 2024 By Razorthorn In Razorthorn
Unravel the cybersecurity dilemma in our latest video, where we explore the complex relationship between government involvement and corporate cybersecurity programs. Many cybersecurity leaders may express reluctance when asked about government intervention, fearing the additional burdens of setting up new compliance wings and diverting resources from tangible security budgets.
View Video
Arctic Wolf

PRC State-Sponsored Threat Actors (Volt Typhoon) Target Critical Infrastructure Entities

Feb 9, 2024 By Andres Ramos In Arctic Wolf
On February 7, 2024, CISA issued an advisory detailing their discoveries concerning state-sponsored cyber actors linked to the People’s Republic of China (PRC). Notably, the PRC-affiliated threat actor, Volt Typhoon, is actively engaged in efforts to infiltrate IT networks, with the potential aim of launching cyber attacks on vital U.S. infrastructure in the event of a substantial crisis or conflict with the United States.
Read Post
centripetal

Fortinet Vulnerability: CVE-2024-21762

Feb 9, 2024 By Lauren Farrell In Centripetal
On Thursday, February 8th, the Fortinet Product Security Incident Response Team released an advisory (FG-IR-24-015) notifying of an out-of-bound write vulnerability in their SSL VPN tracked as CVE-2024-21762. The vulnerability “may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests”.
Read Post

Vulnerability A03 : Injection - OWASP TOP 10

Feb 9, 2024 By VISTA InfoSec In VISTA InfoSec
Welcome to our latest video on the OWASP Top 10, focusing on Vulnerability A03: Injection. This video is designed to provide a comprehensive understanding of injection vulnerabilities, which are among the most common and dangerous security risks in web applications. In this video, we will explore the concept of injection vulnerabilities, their various types, and how they can be identified. We will also look at real-world examples to illustrate the potential impacts of these vulnerabilities when they are exploited.
View Video
WatchGuard

Navigating the Landscape of Security Frameworks and Regulations: A Guide to Vulnerability Management and Patching

Feb 9, 2024 By Iratxe Vazquez In WatchGuard
In today's rapidly evolving cyber threat landscape, organizations across all industries face an imperative need to safeguard their digital assets. Adherence to standard security frameworks, regulations, and insurance requirements is not just a strategic step towards a robust cybersecurity posture but a matter of compliance. These standards, regulations, and insurance requirements mandate ongoing vulnerability management and patching to mitigate risks and protect sensitive data.
Read Post
netwrix

A Comprehensive Guide to Active Directory Monitoring Tools

Feb 9, 2024 By Craig Riddell In Netwrix
Effective Active Directory (AD) monitoring is a cornerstone for security and compliance. It empowers administrators to spot suspicious activity, including improper changes to AD objects like user accounts and Group Policy objects (GPOs), in time to avoid data breaches or minimize their impact.
Read Post
netskope

Cloud Threats Memo: Back to the Basics: New DarkGate Campaign Exploiting Microsoft Teams

Feb 9, 2024 By Paolo Passeri In Netskope
DarkGate is a commodity malware with multiple features including the ability to download and execute files to memory, a hidden virtual network computing (HVNC) module, keylogging, information-stealing capabilities, and privilege escalation.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.