Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Outpost24 webinar - The State of Ransomware in 2021 and How to Limit Your Exposure

Mar 24, 2022 By Outpost 24 In Outpost 24
Ransomware has continued to grow in maturity throughout the first half of 2021. As businesses struggle to understand yet another major attack that hit the Kaseya supply chain, organizations are beginning to realize data backups and cyber insurance alone won’t save them.
View Video

An overview of our vulnerability assessment and pentesting process | Cyphere

Mar 23, 2022 By Cyphere In Cyphere
This video will give you a broad overview of our vulnerability assessment and pentesting process. We'll talk about the different phases, how we prioritize vulnerabilities, and what workflows we use to make sure that your team is getting the most out of every engagement.#vapt #vulnerabilityassessment #pentesting
View Video
jfrog

Large-scale npm attack targets Azure developers with malicious packages

Mar 23, 2022 By Andrey Polkovnychenko and Shachar Menashe In JFrog

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. Two days ago, several of our automated analyzers started alerting on a set of packages in the npm Registry.

Read Post
veracode

Shifting Log4j Discovery Right

Mar 22, 2022 By Hope Goslin In Veracode

You hear a lot about shifting your application security (AppSec) left – in other words, shifting AppSec to the beginning of the software development lifecycle (SDLC). While we firmly believe that you should continue scanning in development environments, that doesn’t mean that you should neglect applications that have been deployed to or staged in runtime environments.

Read Post
CalCom

Russian Hackers Exploit MFA protocols and Print Spooler "PrintNightmare" vulnerability

Mar 20, 2022 By John Gates In CalCom
A joint Cybersecurity Advisory (CSA) was issued by the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) recently warning organizations about a Russian state-sponsored cyber-attack. The cyber actors ran arbitrary code using system privileges by exploiting a Windows Print Spooler vulnerability, “PrintNightmare.”
Read Post
snyk

node-ipc sabotages JavaScript developers

Mar 18, 2022 By Snyk In Snyk
On March 15, in an apparent act of protest against the Ukraine crisis, a supply chain attack was created which affects users of the popular JavaScript front-end development framework Vue.js and the Unity Hub. The attack creates a file with an antiwar message and introduces security vulnerabilities, with an earlier version corrupting user files on machines with Russian and Belorussian geolocations, replacing characters with heart emoji.
Read Post
Snyk

dompdf security alert: RCE vulnerability found in popular PHP PDF library

Mar 18, 2022 By DeveloperSteve In Snyk

Recently, researchers from Positive Security published findings identifying a major remote code execution (RCE) vulnerability in dompdf, a popular PDF generation library. In their reporting, they outlined a way that code could be loaded into an application and then remotely executed during a PDF being generated. Dompdf is used quite extensively within the PHP ecosystem, and is used within over 59,000 open sourced platforms and projects.

Read Post

What to Expect from a Vulnerability Assessment Service | Cyphere

Mar 18, 2022 By Cyphere In Cyphere
A vulnerability assessment is an important step in securing your business. By identifying and addressing potential security vulnerabilities, you can help protect your company's data and reputation. In this video, we discuss what to expect from a vulnerability assessment service.#vulnerabilityassessment #securingbusiness
View Video

Copyright © 2026 OpsMatters™. All rights reserved.