Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

upguard

Threat Monitoring for Superannuation Security

Apr 10, 2025 By Greg Pollock In UpGuard
On April 4, 2025, The Australian Financial Review reported on a set of credential abuse attacks targeting multiple Austrian superannuation funds. These attacks were not breaches of the infrastructure of those companies, but compromises of individual customer accounts via stolen credentials. How were those customer credentials stolen?
Read Post
vanta

What is NIS 2? A guide to navigating compliance requirements

Apr 10, 2025 By Vanta In Vanta
The Network and Information Security (NIS) directive was introduced in 2016 to outline cybersecurity obligations across the EU and enable operational resilience for in-scope organizations. In 2020, the European Commission proposed the directive’s revision, which led to the formal adoption of NIS 2 in 2022. ‍ In this guide, we answer the common question of organizations impacted by the directive—What is NIS 2?
Read Post
vanta

ISO 27001 and NIS 2: Key differences explained

Apr 10, 2025 By Vanta In Vanta
ISO 27001 is a globally recognized standard for building robust information security management systems (ISMS). The standard is closely aligned with NIS 2—a mandatory EU directive designed to fortify the cybersecurity posture of critical infrastructure among Member States. ‍ These two frameworks form a unique symbiotic relationship due to the potential overlap in the requirements and controls.
Read Post
Trustwave

Tycoon2FA New Evasion Technique for 2025

Apr 10, 2025 By Phil Hay, Rodel Mendrez In Trustwave
The Tycoon 2FA phishing kit has adopted several new evasion techniques aimed at slipping past endpoints and detection systems. These include using a custom CAPTCHA rendered via HTML5 canvas, invisible Unicode characters in obfuscated JavaScript, and anti-debugging scripts to thwart inspection. This blog takes a closer look at these methods to better understand how this kit is evolving and what defenders should be aware of.
Read Post
aikido

The malware dating guide: Understanding the types of malware on NPM

Apr 10, 2025 By Madeline Lawrence In Aikido
The Node ecosystem is built on a foundation of trust — trust that the packages you npm install are doing what they say they do. But that trust is often misplaced. Over the past year, we’ve seen a disturbing trend: a rising number of malicious packages published to npm, often hiding in plain sight. Some are crude proof-of-concepts (PoCs) by researchers, others are carefully crafted backdoors.
Read Post

Keeper 101 - Secure File Storage and Sharing

Apr 10, 2025 By Keeper Security In Keeper
One of the core use cases of the Keeper platform is the capability to encrypt and protect confidential documents, photos and videos with end-to-end encryption. Files that are stored in the Keeper Vault are encrypted with zero knowledge AES 256 encryption, which means only the user has the ability to access their stored files. These files can also be shared with others, which are end-to-end encrypted from vault to vault using Elliptic Curve cryptography.
View Video

A Buyer's Journey for API Security

Apr 10, 2025 By Wallarm In Wallarm
Join us for a webinar that explores the challenges of securing APIs, which are increasingly critical to modern organizations. We will discuss the key issues facing API driven companies today, including hidden APIs and sophisticated attacks that can disrupt operations. We'll examine real-world examples of API vulnerabilities and the solutions to address them. We'll cover the essential criteria for selecting an API security product that fits your organization's needs.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.