Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

Five Ways To Evaluate the Strength of Your Security Awareness Program

Aug 31, 2022 By Nathan Caldwell In Arctic Wolf
Today, many organizations have a security awareness program of some kind. Whether it’s annual compliance training or the orientation video warning new employees about phishing, it’s almost a standard now among industries. However, security awareness programs vary in frequency, details, and execution. And it’s that variability which, unfortunately, can become a vulnerability. Employees and users are the first line of defense against a cyberattack.
Read Post
netwrix

Service Account Attack: LDAP Reconnaissance with PowerShell

Aug 31, 2022 By Jeff Warren In Netwrix

In the introductory post of this series, we reviewed what an Active Directory (AD) service account is, explained why these privileged accounts are a serious security risk, and promised to detail 4 types of attacks on service accounts in future posts. This post explores the first of those attacks: LDAP reconnaissance, which attackers can use to discover service accounts in an IT environment while avoiding detection.

Read Post
netwrix

Exploiting Service Accounts: Silver Ticket Attack

Aug 31, 2022 By Jeff Warren In Netwrix

In the first post of these series we showed how an adversary can discover Active Directory service accounts with PowerShell, and the second post demonstrated how to crack their passwords using the Kerberoasting technique. Now let’s see how an attacker can exploit a compromised service account using Kerberos Silver Tickets to forge TGS tickets.

Read Post

Using Containers Responsibly

Aug 31, 2022 By JFrog In JFrog
Tools to package your applications and services into container images are abound. They’re easier to use and integrate into your CI/CD pipelines now more than ever. We can appreciate these advancements in the form of time savings and decreasing complexity when deploying to a cloud native environment, but we cannot completely ignore the details involved in these technologies. It’s tempting to take simplicity for granted, but sometimes we do this at the expense of keeping our software safe and secure!
View Video

Coffee Talk with SURGe: Twitter Whistleblower, Roasting Oktapus, Montenegro Cyberattack

Aug 31, 2022 By Splunk In Splunk
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news including: Mick and Ryan competed in a 60 second charity challenge to explain why they think password managers are still your best option for password security. The team also discussed data privacy after the FTC announced it is suing a data broker for selling geolocation data. Meanwhile, the FCC is launching an investigation into mobile carriers' geolocation data practices.
View Video
tripwire

Defense and Development: Key points from The Complete Guide to Application Security for PCI-DSS

Aug 31, 2022 By Tripwire Guest Authors In Tripwire

The increasing popularity of online payment systems results from the world’s gradual transition to a cashless and contactless digital economy — an economy, projected in a recent Huawei white paper, to be worth $23 trillion by 2025.

Read Post
WatchGuard

Why the HR department is key to cybersecurity

Aug 31, 2022 By The Editor In WatchGuard

In recent years there has been a growing trend for cybercriminals to target human resources departments in order to exploit the sensitive data they handle. Hackers can do a lot of damage, and make a lot of money, once they gain access to Social Security information, dates of birth, work history or employee and company bank account numbers.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.