Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Bumblebee Malware is back with evolving tactics: How EventLog Analyzer can help protect your organization

In a surprising development, Bumblebee Malware (a popular malware downloader) has resurfaced with an approach that was believed to be long gone: VBA macro-enabled documents. This comes just four months after Europol dismantled various trick bots—including Bumblebee, IcedID, Pikabot, TrickBot and SystemBC—during a crackdown called Operation Endgame.

Navigating the Evolving Threat Intelligence Landscape and Organisational Responsibility

Cyber Rhino Threat Week (which took place from 9th to 13th December 2024) aims to inform, sharing threat intelligence insights and best practices with our customers, partners and industry ecosystem. This keynote session certainly set the stage for the week, exploring the complexities that organisations must consider when establishing and operating an effective Cyber Threat Intelligence (CTI) program. The panel discussion examined how diverse organisational structures, responsibilities, priorities, and desired outcomes influence the role and integration of CTI.

Get a unified approach towards Compliance with NIS2 and DORA

In the cyber security domain, the increase in cyber-attacks, alongside the acceleration of businesses’ digital transformation, is driving states to deploy a more stringent regulatory framework to protect data and establish a code of conduct for businesses. In this perspective, it is essential to view compliance as an integral component of the wider governance framework, which is grounded in international standards of an interconnected world that makes best use of already tested best practices.

Leading security frameworks for CSPM

Cloud Security Posture Management (CSPM) has become essential for monitoring cloud infrastructure, identifying risks, and enforcing security policies. As cloud adoption grows, managing the complexity of these environments—where misconfigurations and vulnerabilities can lead to breaches—requires a robust approach. This is where security frameworks come into the picture. Security frameworks offer structured guidelines and best practices for managing and improving security posture.

CIS Control 08: Audit Log Management

Audit logs provide a rich source of data critical to preventing, detecting, understanding, and minimizing the impact of network or data compromise in a timely manner. Log collection and regular reviews are useful for identifying baselines, establishing operational trends, and detecting abnormalities. In some cases, logging may be the only evidence of a successful attack. CIS Control 8 emphasizes the need for centralized collection and storage and standardization to better coordinate audit log reviews.

Managing NERC CIP Patching Process With Tripwire Enterprise and Tripwire State Analyzer

One of the hardest parts of managing an organization’s cybersecurity is patch management. Just as one patch cycle is completed, another set of patches is released. When compounded with the highly regulated energy industry, governed by the NERC CIP Standards, the task becomes even more daunting. Fortunately, Fortra’s Tripwire Enterprise (TE) and Tripwire State Analyzer (TSA) can ease the process.

The Aftermath of the Kaspersky Ban

In the spring of 2024, amid growing international concern about supply chain risk and the trust and reliability of technology suppliers, the United States banned Kaspersky Lab, Inc., the Russia-based antivirus company, from providing its products to the US market. The ban went into effect on September 30, 2024. What impact has the ban had on US and global usage of Kaspersky? Has it been effective? A new analysis from Bitsight contains some surprising results.

Enhancing Corporate Governance in the Digital Age: Integrating Cybersecurity into ESG Stewardship

In an era where digital resilience is vital to corporate health, cybersecurity is a critical governance issue. The partnership between Bitsight and Glass Lewis underscores this reality by providing companies with a forward-thinking approach to assessing cybersecurity as part of Environmental, Social, and Governance (ESG) considerations.

What is API Security? Types, Challenges, Best Practices

In the rapidly changing field of software development, application programming interfaces (APIs) are very powerful tools. They allow different applications to communicate, share data, and collaborate seamlessly, constituting approximately 71% of all web traffic. However, as APIs become more essential to our applications, they also attract cyber threats. In fact, 57% of organizations reported experiencing at least one API-related data breach in the past two years.

10 Best API Security Companies To Consider in 2025

Every single day, billions of API calls happen across the internet. Behind your favorite applications, APIs work quietly to move data and connect systems. But with the growing use of APIs, API attacks didn’t just increase – they exploded. Take the Optus breach in September 2022, in which attackers exploited an unprotected API endpoint and accessed the personal data of up to 9.8 million customers, leading to a $10 million fine.