Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Fortinet Vulnerability: CVE-2024-21762

On Thursday, February 8th, the Fortinet Product Security Incident Response Team released an advisory (FG-IR-24-015) disclosing an out-of-bounds write vulnerability in their SSL VPN, tracked as CVE-2024-21762. The vulnerability “may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests”.

Vulnerability A03: Injection - OWASP TOP 10

Welcome to our latest video on the OWASP Top 10, focusing on Vulnerability A03: Injection. This video is designed to provide a comprehensive understanding of injection vulnerabilities, which are among the most common and dangerous security risks in web applications. In this video, we will explore the concept of injection vulnerabilities, their various types, and how they can be identified. We will also look at real-world examples to illustrate the potential impacts of these vulnerabilities when they are exploited.

Navigating the Landscape of Security Frameworks and Regulations: A Guide to Vulnerability Management and Patching

In today's rapidly evolving cyber threat landscape, organizations across all industries face an imperative need to safeguard their digital assets. Adherence to standard security frameworks, regulations, and insurance requirements is not just a strategic step towards a robust cybersecurity posture but a matter of compliance. These standards, regulations, and insurance requirements mandate ongoing vulnerability management and patching to mitigate risks and protect sensitive data.

A Comprehensive Guide to Active Directory Monitoring Tools

Effective Active Directory (AD) monitoring is a cornerstone for security and compliance. It empowers administrators to spot suspicious activity, including improper changes to AD objects like user accounts and Group Policy objects (GPOs), in time to avoid data breaches or minimize their impact.

Cloud Threats Memo: Back to the Basics: New DarkGate Campaign Exploiting Microsoft Teams

DarkGate is a commodity malware with multiple features including the ability to download and execute files to memory, a hidden virtual network computing (HVNC) module, keylogging, information-stealing capabilities, and privilege escalation.

How To Tell if Spyware Is on Your Phone and How to Remove It

While browsing the internet, you may accidentally install spyware on your phone without even knowing. Android phones are known to be more susceptible to spyware than iPhones; however, anyone who owns a smartphone needs to watch out for spyware – especially if your phone is outdated or jailbroken. Some signs that spyware is installed are that your phone’s camera and mic turn on randomly, you hear a noise during phone calls, or you see unfamiliar apps and files on your phone.

How to Secure Business-Critical Applications

As organizations move more of their business-critical applications to the cloud, adversaries are shifting their tactics accordingly. And within the cloud, it’s clear that cybercriminals are setting their sights on software applications: In fact, industry data shows 8 out of the top 10 breaches in 2023 were related to applications.

Your Data Has Moved to the Cloud - Can Your Security Strategy Keep Up?

In today's world, data is the lifeblood of every organization. From intellectual property to employee and customer data to competitive intelligence and more — if your data is stolen, it's your reputation, money, and business on the line. But the way we store and interact with data has changed over the years. It's no longer located inside a perimeter, on networks and devices your organization has total control over.

Browser-Based Phishing Attacks Increase 198%, With Evasive Attacks Increasing 206%

A new report shows massive increases in browser attacks in the second half of 2023, with over 31,000 threats specifically designed to bypass security solution detection. I spend a lot of time on this blog talking about phishing, social engineering, smishing, deepfakes and more – all topics centered around attack techniques designed to interact with and fool a user.