Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

teleport

Investigate Amazon EKS Audit Logs with Teleport Identity Security

Nov 11, 2025 By Ben Arent In Teleport
In Teleport 18, we’ve added official support to import Amazon EKS Audit Logs into Teleport Identity Security. This capability allows teams to have visibility into actions performed on Amazon EKS clusters when those actions were not executed via Teleport. Amazon EKS Audit Logs in Teleport Identity Security will be generally available in Teleport 18.3, coming November 2025. Your browser does not support the video tag.
Read Post
CalCom

NTLM Relay Attacks: Back from the Dead - and Still Haunting Active Directory

Nov 11, 2025 By CalCom In CalCom
NTLM Relay attacks should be history. Yet in 2025, they remain one of the most effective ways to compromise Active Directory. We first covered this problem back in 2020, when we wrote about a troubling vulnerability that refused to die: NTLM Relay attacks. At the time, many believed NTLM Relay attacks were a relic of the past, an old problem long solved by Kerberos and modern authentication protocols.
Read Post
certkit

Certificate revocation is broken but we pretend it works

Nov 11, 2025 By Todd H. Gardner In CertKit
Last week, someone commented on my post about 47-day certificates: This perfectly captures our collective delusion that SSL certificate revocation works. You click a button, the certificate stops working. And why wouldn’t we believe that? Every CA has a big “Revoke Certificate” button right there in the dashboard. It must do something, right? Here’s the dirty truth: most revoked certificates keep working.
Read Post

If AI Security were food...What's on the menu? #aisecurity #food

Nov 10, 2025 By Mend In Mend
How do you explain AI Security without the jargon? Easy you make it food. In this video, we asked leading AI Security professionals to describe AI Security as a dish. Their answers turn complex ideas like prompt injection, data leaks, and model hardening into bite-sized insights you’ll actually remember. From layered lasagna to spicy tacos, each response brings a fresh perspective on what it means to build and protect secure AI systems.
View Video
How Website Owners Can Move a Site Without Losing Traffic or Rankings

How Website Owners Can Move a Site Without Losing Traffic or Rankings

Nov 10, 2025 By SecuritySenses In SecuritySenses
Migrating a website can feel daunting for any business owner. Whether switching to a new hosting provider, redesigning a site, or updating a domain name, one mistake during the process can lead to lost visitors or decreased search visibility. Search engines rely on stable structures and consistent links, so even minor disruptions can impact rankings.
Read Post
CloudCasa

A multi-cloud BCP approach for CPS 230 compliance using CloudCasa

Nov 7, 2025 By CloudCasa In CloudCasa
When Amazon Web Services’ US-East-1 region went down recently, a long list of global apps and services went with it. For most companies, that meant a few hours of frustration. For APRA-regulated financial institutions in Australia, an outage like that is something much more serious — a compliance and operational-resilience test under CPS 230, which is now in force as of July 2025.
Read Post
armo

Three New High-Severity Vulnerabilities in runc: What You Need to Know

Nov 6, 2025 By Ben Hirschberg In ARMO
Within 24 hours, three new high-severity vulnerabilities were disclosed in runc, the low-level runtime that underpins most container platforms, including Docker, containerd, Kubernetes, and nearly every major cloud provider’s managed Kubernetes service. These vulnerabilities (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881) allow a malicious container image to break out of the container boundary and affect the host machine directly.
Read Post
mend

Building a more secure npm ecosystem with Mend Renovate

Nov 6, 2025 By Jamie Tanna In Mend
Over this last year, we’ve seen significant attacks like the Shai-Hulud worm, the Nx build system compromise, and secrets being leaked to public GitHub Actions logs via the tj-actions/changed-files compromise, but I could spend the entirety of this article only listing different attacks, let alone talking about them.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.