Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this episode of Trust Issues, the conversation revolves around the challenges and transformations in operational technology (OT) security. Guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Lead at Fluor shares insights with host David Puner on securing legacy systems, the impact of generative AI – and the evolving threat landscape.

Des Moines Orthopaedic Surgeons, P.C. (DMOS) has three clinics throughout Iowa’s capital; they offer comprehensive solutions for ortho-care, from joints to extremities and MRI imaging to outpatient surgery. DMOS utilizes a variety of third-party vendors to serve their patients and the surrounding regions; almost a year ago, DMOS experienced a cybersecurity event through one of these vendors. The unauthorized actors broke into their system and compromised the information of 307,864 individuals.

In the intricate web of digital security threats, one particularly disruptive technique stands out: the Distributed Denial of Service (DDoS) attack. This form of cyber assault involves numerous compromised systems, often referred to as bots or zombies, which are used to overwhelm a target website with an avalanche of requests. The result? Legitimate users find themselves unable to access the site, leading to significant operational disruptions.

In 2023, Remote Access Trojans (RATs) and Trojan Stealers were some of the most prevalent types of malware in the cybersecurity landscape. RATs and Trojan Stealer malware represent significant cybersecurity threats, as they’re often employed to conduct espionage, surveillance, and data theft, which emphasizes the critical need for robust defenses.

During an Advanced Continual Threat Hunt (ACTH) investigation that took place in early December 2023, Trustwave SpiderLabs discovered Ov3r_Stealer, an infostealer distributed using Facebook advertising and phishing emails. SpiderLabs’ “Facebook Advertising Spreads Novel Malware Variant,” is an in-depth dive into Ov3r_Stealer, exposing what the Threat Hunt team learned about the threat actors, their techniques, tactics, and procedures and how the malware functions.

The need to find the balance between providing a unique and tailored customer experience, ensuring data privacy, and adhering to market regulations has become more critical than ever for Communications Service Providers (CSPs). In a world where customers are more demanding, regulations are more stringent, and attacks are more sophisticated, it’s easy to see how telecom organisations deem balancing act challenging.

Cybercriminals are notoriously adept at evolving their strategies and tactics to defraud individuals and businesses out of their hard-earned money. One perfect example of the evolution of effective and illusive financial fraud is card skimming. But is card skimming still a thing in 2024? Very much so. According to the FBI, card skimming fraud still costs financial institutions and American consumers more than $1 billion yearly—and it’s growing.

When it comes to data management in software development you, as a developer, should know how to efficiently download a single GitHub file. Often, devs and project managers need to download individual files for local testing, archival purposes, version comparison, or any other reason you can make up. It can seem daunting. In this article, we will guide you through various methods to download a single file from the GitHub repository, whether it’s public or private repository.

Protecting cloud-based applications and workloads requires robust security solutions such as CSPM, CIEM and CWPP. CNAPP tries to answer all 3 but how do you know which solution is right for your specific organization? Ava Chawla, AlgoSec’s Global Head of Cloud Security unravels the differences between them and shares her expert opinion on the solution that offers the most value for organizations.