Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Don't Be Fooled By This Sneaky Disney+ Scam

A phishing campaign is impersonating Disney+ with phony invoices, according to researchers at Abnormal Security. The phishing emails targeted individuals at 22 organizations in September. “The first step in this multi-stage attack is a seemingly auto-generated notification email informing the target of a pending charge for their new Disney+ subscription,” the researchers explain.

AI Reality Check: Navigating High False Positives Today | Proceed with Caution | Razorthorn Security

In this eye-opening video, we dive deep into the current state of AI, shedding light on a significant challenge it grapples with: a high false positive rate. While optimism is warranted for the future, I candidly express my belief that we are still a number of years away from achieving true production readiness.

SolarWinds' CISO Under SEC Scrutiny: The Impact On The Infosec Community || Razorthorn Security

Welcome to Razorwire, the podcast where we cut through the noise to bring you incisive discussions on all things cybersecurity. I'm your host, Jim, and in today's episode, we delve into the SEC charges against SolarWinds' CISO, a case that has sent shockwaves through the infosec community. In this episode, our guests Iain Pye and Chris Dawson discuss the hype surrounding the trial and its impact on the infosec community and the potential consequences for all Chief Information Security Officers (CISOs). We also explore the uncertainties surrounding the CISO's responsibilities and actions within the organisation regarding addressing security vulnerabilities, as well as the potential implications of the SEC ruling on CISOs' risk aversion and self-interest. Lastly, we talk about the dynamics of security compliance certifications and the potential manipulation involved in obtaining them. If you're a cybersecurity professional, join us as we dissect the complexities of CISO responsibilities, the SEC's pursuit of individuals over organisations and the implications of legal actions on the infosec landscape. Tune in for an insightful discussion that will challenge your perspectives and keep you on the cutting edge of cybersecurity issues.

MOVEit Breach Creates More Victims; 105k Records Stolen from Insurance Group

The Pan-American Life Insurance Group (PALIG) provides various insurance plans across the states and beyond. PALIG employs more than 2,100 staff and has a 110-year history of providing insurance to those needing it. Companies and individuals turn to PALIG in their time of need, and PALIG returns the favor by providing high-quality insurance options.

90% of Energy Companies Experienced a Third-Party Breach

More than two years after the major U.S. pipeline ransomware incident, the SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team has released a new report revealing that 90% of the largest global energy companies have experienced a third-party breach in the past 12 months. This research highlights the uphill battle faced by the energy industry in combating emerging threats across the supply chain.

Third-Party Data Breach Response Playbook

The risk of data breaches has become an omnipresent concern for businesses and organizations. And as technology continues to evolve, so do the tactics of cybercriminals. One critical aspect of cybersecurity strategy involves preparing for and responding to third-party data breaches. A well-constructed response playbook is indispensable in mitigating the potential damages and ensuring a swift recovery.

Securing your cloud infrastructure with Tines & Wiz

Wiz and Tines offer a powerful solution to remediate any cloud risks detected in minutes. Wiz scans your entire cloud infrastructure and gives you complete visibility into anything that runs in it - raising vulnerabilities and bringing them to the forefront. Tines’ no-code platform then transforms, analyzes, and prioritizes information from Wiz to handle cloud remediation alerts automatically without needing to engage developers or write a single line of code.

Reflecting on 2023: Evolving our Product, Deepening Partnerships, and Staying Committed to the Security Community

As the new year approaches, security professionals and analysts alike are taking a step back to review what has transpired over the past twelve months. At Devo, 2023 was an exciting year full of change and progress. As we look forward to 2024, we want to take some time to reflect on Devo’s year across product enhancements, analyst recognition, partnerships, and community engagement.