Operations | Monitoring | ITSM | DevOps | Cloud

canonical

What you need to know about regreSSHion: an OpenSSH server remote code execution vulnerability (CVE-2024-6387)

Jul 3, 2024 By Luci Stanescu In Canonical
On 1 July 2024 we released a fix for the high-impact CVE-2024-6387 vulnerability, nicknamed regreSSHion, as part of the coordinated release date (CRD). Discovered and responsibly disclosed by Qualys, the unauthenticated, network-exploitable remote code execution flaw affects the OpenSSH server daemon (sshd) starting with version 8.5p1 and before 9.8p1.
Read Post
Sponsored Post
chaossearch

5 Security Logging and Monitoring Mistakes to Avoid

Jun 28, 2024 By David Bunting In ChaosSearch
As cybersecurity attack vectors evolve, security logging and monitoring are becoming even more important. Effective logging and monitoring enables organizations to detect and investigate security incidents quickly. Cloud-based attackers are getting more sophisticated, and often rely on stolen credentials to escalate privileges and move laterally within corporate IT networks. Many do so undetected, which is why modern IT systems require a watchful eye on log data to detect suspicious activity and inform incident response efforts.
Read Post
NinjaOne

What Is the National Vulnerability Database?

Jun 28, 2024 By Lauren Ballejos In NinjaOne
The National Vulnerability Database (NVD) is an information resource provided by the U.S. government that catalogs security vulnerabilities in a standardized, searchable format. It includes databases containing software and hardware products, their known security flaws (including misconfigurations), as well as their severity and impact. The NVD is an important resource for IT professionals to stay up-to-date with potential security concerns in their IT infrastructure.
Read Post
puppet

Stay Ahead of Known Vulnerabilities with Automated Patch Management

Jun 26, 2024 By Robin Tatam In Puppet
The consequences of not patching are everywhere: remember the Log4j vulnerability that grants hackers complete access to your devices? The best way to prevent this from happening is to use a patched version of Log4j — so why did this become a catastrophic and prolific security vulnerability event? A: Because people hate, forget, or simply dismiss patching as a labor-intensive part of managing their infrastructure.
Read Post

Introduction to RBVM: A Solution for Vulnerability Management at Ivanti #ivanti

Jun 13, 2024 By Ivanti In Ivanti
Derek Illum presents the RBVM solution for vulnerability management at Ivanti, detailing its functionality, benefits, and related statistics. The process involves data collection, automation, and integration with other tools. The tool, hosted in the AWS gov cloud, integrates with various systems, including Microsoft Defender for endpoint. Users can explore RBVM, focus on a risk-based approach, and utilize its dashboards and SLA management features.
View Video
canonical

Ubuntu Security Notices now available in OSV format

Jun 11, 2024 By Canonical In Canonical
Canonical is now issuing Ubuntu Security Notices (USNs) in the open source OSV format. Using the information provided, developers can identify known third-party, open source dependency vulnerabilities that pose a genuine risk to their application and its environment. This collaboration between Canonical and OSV aims to simplify vulnerability management and further enhance security for Ubuntu users.
Read Post
opsmatters

The Ultimate Cloud Security Checklist: How to Protect Your Brand's Data

Jun 10, 2024 By OpsMatters In OpsMatters
The cloud revolution is here. The flexibility, scalability, and cost savings of cloud computing have led businesses of all sizes to migrate operations to the cloud. By 2025, Gartner estimates that over 95% of new digital workloads will be deployed on cloud-native platforms. But this monumental shift is not without risks. High-profile data breaches like the Capital One hack serve as sobering reminders that the cloud introduces new attack surfaces and vulnerabilities.
Read Post
NinjaOne

Top Vulnerabilities and the Power of Patch Management

May 8, 2024 By NinjaOne In NinjaOne
The cybersecurity landscape in 2023 was increasingly complex, marked by sophisticated types of cyber threats such as ransomware and cyber espionage. Over half of the high-risk vulnerabilities were exploited by threat actors, with ransomware payouts averaging a significant $1,542,333, up from $812,380 in 2022. Phishing attacks dominated, accounting for over 80% of incidents, and 57% of organizations experienced frequent phishing attempts. Additionally, 4,000 ransomware attacks occurred daily since 2016.
Read Post

Mastering Cybersecurity: Essential OWASP Guidelines for Effective Protection

May 8, 2024 By Civo In Civo
Join Dwayne McDaniel as he discusses the challenges and essentials of effective cybersecurity, highlighting the impact of bad security practices, the benefits of robust security measures, and the importance of community collaboration. This talk explores practical insights on improving security protocols, leveraging community knowledge, and the significant role of automation in ensuring safe, uninterrupted digital environments.
View Video

Navigating the Threat Landscape: Managing Ransomware Vulnerability with RBVM

Apr 29, 2024 By Ivanti In Ivanti
Ivanti’s Amer Child previews his session at ISS 2024, zeroing in on Ivanti’s RBVM dashboard and how it can be used to manage your organization’s susceptibility to ransomware in a fast-moving threat landscape. Ivanti finds, heals, and protects every device, everywhere – automatically. Whether your team is down the hall or spread around the globe, Ivanti makes it easy and secure for them to do what they do best.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.