Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

LLMjacking targets DeepSeek

Since the Sysdig Threat Research Team (TRT) discovered LLMjacking in May 2024, we have continued to observe new insights into and applications for these attacks. Large language models (LLMs) are rapidly evolving and we are all still learning how best to use them, but in the same vein, attackers continue to evolve and grow their use cases for misuse.

The Only DORA Compliance Checklist You Need

The bad news – if you’re wondering about the DORA compliance date, it already passed on January 17th 2025. The good news? If you’ve been too busy to even think about the EU’s Digital Operational Resilience Act, it’s not too late to score some quick compliance wins. This DORA compliance checklist is your blueprint for establishing not just compliance, but checks and balances for maintaining it.

DORA Is Here - But Readiness Concerns Are Far from Over

For months, the impending Digital Operational Resilience Act (DORA) deadline has dominated boardroom discussions across the financial sector with its potential to reshape operational and regulatory practices. Now that DORA is officially in effect, attention has shifted to other matters, such as a new US presidential inauguration, AI, and fiscal concerns for 2025. Yet DORA should remain a major cause for concern as the regulation is now active and enforcement has begun. Given its likely strict enforcement, financial organisations and third parties must maintain focus on compliance to avoid major regulatory and operational risks.

Role-based access control: Your organization's defense against cyberthreats

In today’s world, cyberthreats are so prevalent that they expose both public and private organizations to data breaches. A single account with excessive privileges is enough for a hacker to infiltrate the entire organization. To protect your organization from such incidents, you can delegate permissions to users based on their roles and responsibilities. This is where role-based access control (RBAC) comes in.

Top tips: How not to let dark data become a silent threat to your organization

Top tips is a weekly column where we highlight what’s trending in the tech world and list ways to explore these trends. This week, we’ll explore a few ways to identify dark data and mitigate the risks it poses. Dark data is a threat to organizations. Despite efforts to prevent it, dark data inevitably makes its way into systems and is often left unaddressed.

Best-Of-Breed Security Is Always Important - but for SIEM, It's Imperative

Which approach provides superior cybersecurity: a single-vendor platform portfolio or a multivendor best-of-breed ecosystem? Superficially, single-vendor platforms seem to have various advantages: But take a closer look, and glaring gaps appear. Multiple, headline-grabbing security incidents have involved large platform players, and if you’re a seasoned cybersecurity leader, you should consider the risks associated with putting all your eggs in one basket.

How to Block Websites on Android Phone & Tablet?

Are your employees accessing restricted websites during work hours? Unrestricted web access on company devices can lead to decreased productivity and increased security risks. For businesses, controlling online activity on work-issued Android phones and tablets is essential to maintaining a secure and focused work environment.

Will the UK's Ransomware Proposal Work? Trustwave Weighs in on the Potential Impact

The recent UK Home Office proposal designed to hinder and disrupt ransomware operations through several proposed measures, including a targeted ban on ransomware payments, has again brought this question into the public square. The question of whether to pay a ransom demand is a decades-long argument with ardent opinions on both sides.

Top Cyber Threats Facing Manufacturing and How To Mitigate Them

The top cyber threats facing the manufacturing industry are ransomware, supply chain attacks, insider threats, phishing and social engineering attacks. In 2023, the manufacturing sector accounted for 25% of all cyber attacks, making it the most targeted industry. As the manufacturing industry increasingly relies on the Internet of Things (IoT) to improve efficiency and productivity, addressing security risks has become essential.

Fake VS Code Extension on npm Spreads Multi-Stage Malware

In a recent discovery, our research team uncovered a fake VS Code extension—truffelvscode—typosquatting the popular Truffle for VS Code extension. This extension serves as a trojan horse for multi-stage malware. This blog takes a closer look at how the malicious extension operates, its obfuscation techniques, and IOCs related to this incident.