Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The MemcycoFM Show: Episode 13 - How 5 of the Biggest Retail ATO Attacks Could Have Been Stopped

Aug 21, 2025 By Memcyco In Memcyco
Retailers have become prime targets for account takeover. Loyalty balances, stored cards, and digital wallets represent liquid assets, often guarded by weaker controls than financial accounts. Attackers exploit credential reuse, phishing infrastructure, and automation to scale these intrusions. Reported retail ATO cases in the UK rose 96% year over year (Action Fraud, 2023). The following five breaches illustrate how large brands across loyalty, e-commerce, and digital wallets were compromised, and how real-time, in-session defenses could have altered the trajectory.
View Video

Defending Against WAF, API, and DDoS Attacks

Aug 21, 2025 By A10 Networks In A10 Networks
Defending Against WAF, API, and DDoS Attacks In this video from SourceForge, Carlo Alpuerto of A10 Networks explains the "outside-in" protection philosophy behind ThreatX. He uses the metaphor of a castle wall, stating that the defense focuses on who and what is attacking it, rather than what is behind it. Alpuerto details the flexibility of the A10's ThreatX solution, which can be deployed in various hybrid scenarios, including on-premise physical or virtual environments, as well as different cloud environments like AWS, Azure, and GCP.
View Video
cloudflare

How a volunteer-run wildfire site in Portugal stayed online during DDoS attacks

Aug 21, 2025 By João Tomé In Cloudflare
On July 31, 2025, just as Portugal entered the peak of another intense wildfire season, João Pina, also known as Tomahock, received an automated alert from Cloudflare. His volunteer-run project, fogos.pt, now a trusted source of real-time wildfire information for millions across Portugal, was under attack. One of the several alerts fogos.pt received related to the DDoS attack.
Read Post
Now Your Data is on the Dark Web - What's Next?

Now Your Data is on the Dark Web - What's Next?

Aug 20, 2025 By SecuritySenses In SecuritySenses
No one sleeps with two eyes shut knowing that the nefarious part of the internet has their data. Whether you're a civilian navigating your lowkey life or a 6+ figure key figure, the tension always manifests itself. If this is you, telling you not to worry could send us through the cloud; just a packed punch. But now that your sensitive data is out there on the dark web, what's the course of action?
Read Post

Inside the SonicWall SSLVPN Attacks

Aug 19, 2025 By WatchGuard Technologies In WatchGuard
Inside the SonicWall SSLVPN Attacks In this week’s episode of The 443, Marc Laliberte and Corey Nachreiner break down: The recent SonicWall SSLVPN exploits What we know so far and how attackers are getting in The risks for organizations relying on vulnerable VPN gateways Plus: a WinRAR zero-day and a new ChatGPT vulnerability you should know about.
View Video

Defending Against WAF, API, and DDoS Attacks

Aug 18, 2025 By A10 Networks In A10 Networks
Defending Against WAF, API, and DDoS Attacks In this SourceForge video, Carlo Alpuerto of A10 Networks shares insights on how ThreatX protects WAF, API, DDoS, and bot attacks, processing all the information within a single database. Alpuerto highlights the platform's ability to apply these protections and actionability, showcasing how users can create and manage specific rules. He also notes that the ThreatX security operations center (SOC) team curates these rules daily, utilizing threat intelligence, CVE notifications, and zero-day news to provide comprehensive, up-to-date protection.
View Video
tripwire

Plagued by Cyberattacks: Indian Healthcare Sector in Critical Condition

Aug 18, 2025 By Katrina Thompson In Tripwire
A recent report states that Indian healthcare institutions face a total of 8,614 cyberattacks every week. That is more than four times the global average and over double the amount faced by any other industry in India. If the feeling was in the air before, the numbers leave no doubt; India’s healthcare sector is an irresistible target for today’s attackers.
Read Post
datadog

Abusing AI interfaces: How prompt-level attacks exploit LLM applications

Aug 18, 2025 By Mallory Mooney In Datadog
In Parts 1 and 2 of this series, we looked at how attackers get access to and take advantage of the infrastructure and supply chains that shape generative AI applications. In this post, we'll discuss AI interfaces, which we define as the entry points and logic that determine how a user interacts with an AI application. These elements can include chat interfaces, such as AI assistants, and API endpoints for supporting services.
Read Post
mend

The Hallucinated Package Attack: Slopsquatting

Aug 15, 2025 By Mend.io Team In Mend
Imagine a world where, in the middle of programming, your helpful AI assistant tells you to import a package called securehashlib. It sounds real. It looks real. You trust your silicon co-pilot. You run pip install securehashlib. Congratulations. You’ve just opened a backdoor into your software stack—and possibly your company’s infrastructure. The package didn’t exist until yesterday, when an attacker registered it based on a hallucination the AI made last week.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.