Review: Practical Purple Teaming
Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how…
Ding ding: Fortra rings the perfect-10 bell over latest GoAnywhere MFT bug
Budding ransomware crooks have another shot at exploiting Fortra's GoAnywhere MFT product now that a new 10/10 severity vulnerability needs…
Beyond Tick Boxes: An Auditor’s Perspective on Information Security Compliance
Introduction As cyber threats evolve and regulatory requirements tighten, businesses face increasing pressure to protect their sensitive data…
Deepfakes at the Gate: How Fake Job Applicants Are Becoming a Serious Cyber Threat
In recent months, the hiring process has become a new attack surface. Cybercriminals are no longer just spoofing emails or exploiting software…
Expert Spotlight: Koushik Anand on IAM and PAM Excellence at Enterprise Scale
By Gary Miliefsky, Publisher With more than 80% of breaches involving stolen or misused credentials, identity is the control point that…
Digital Transformation Failures: A National Security Crisis in the Making
In the hyperconnected world, digital transformation has become synonymous with progress, efficiency and innovation. For governments, business…
⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More
In a world where threats are persistent, the modern CISO's real job isn't just to secure technology—it's to preserve institutional trust…
New HybridPetya Weaponizing UEFI Vulnerability to Bypass Secure Boot on Outdated Systems
In late July 2025, a series of ransomware samples surfaced on VirusTotal under filenames referencing the notorious Petya and NotPetya attacks.…
New HybridPetya ransomware can bypass UEFI Secure Boot
A recently discovered ransomware strain called HybridPetya can bypass the UEFI Secure Boot feature to install a malicious application on…
ICO Warns of Student-Led Data Breaches in UK Schools
Over half (57%) of insider data breaches in UK schools are caused by students, with many children being set up for “a life of cybercrime,” a…
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based…
The Time-Saving Guide for Service Providers: Automating vCISO and Compliance Services
Introduction Managed service providers (MSPs) and managed security service providers (MSSPs) are under increasing pressure to deliver strong…
Windows 11 KB5065426 & KB5065431 cumulative updates released
September 9, 2025 01:37 PM Microsoft has released Windows 11 KB5065426 and KB5065431 cumulative updates for versions 24H2…
Microsoft September 2025 Patch Tuesday – 81 Vulnerabilities Fixed Including 22 RCE
Microsoft has released its September 2025 Patch Tuesday updates, addressing a total of 81 security vulnerabilities across its product suite.…
How Leading CISOs are Getting Budget Approval
It’s budget season. Once again, security is being questioned, scrutinized, or deprioritized. If you’re a CISO or security leader,…
Automation Is Redefining Pentest Delivery
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat…
VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages
Cybersecurity researchers have flagged a new malware campaign that has leveraged Scalable Vector Graphics (SVG) files as part of phishing…
Windows 11 KB5064081 update clears up CPU usage metrics in Task Manager
Microsoft has released the KB5064081 preview cumulative update for Windows 11 24H2, which includes thirty-six new features or…
Experimental PromptLock ransomware uses AI to encrypt, steal data
Threat researchers discovered the first AI-powered ransomware, called PromptLock, that uses Lua scripts to steal and encrypt data on Windows,…
Why zero trust is never 'done' and is an ever-evolving process
Picture this scenario: Six months after celebrating their “zero trust transformation,” a financial services firm gets hit with a…
Researchers Discover First Reported AI-Powered Ransomware
In what is reportedly a world-first, ESET researchers have discovered PrompLock, a generative AI-powered ransomware implant currently in…
Emulating the Expedited Warlock Ransomware
Introduction Warlock is a ransomware strain operating under the Ransomware-as-a-Service (RaaS) model that emerged in June 2025, following an…
Beyond GDPR security training: Turning regulation into opportunity
By Eirik Salmi, System Analyst at Passwork Even though 88% of businesses spend over €1 million on GDPR compliance and 40% invest up to…
Securing the AI Revolution: Introducing Cloudflare MCP Server Portals
2025-08-26 6 min read Securing the AI Revolution: Introducing Cloudflare MCP Server Portals Large Language Models (LLMs) are rapidly evolving…
Ten Years of Resilience, Innovation & Community-Driven Defense
The world of cybersecurity has been a wild ride over the last decade. As attackers stepped up their game year over year, the security…
Apple Sues Ex-Engineer, Alleging He Stole Apple Watch Secrets for Rival Oppo
Ddos August 24, 2025 Apple has recently accused a former member of its Apple Watch development team of misappropriating trade secrets related…
Data Is a Dish Best Served Fresh: “In the Wild” Versus Active Exploitation
The term “In the Wild” is broadly used to refer to any activity that has been observed outside of a controlled environment.…
Why Enterprises Need Preemptive Cybersecurity to Combat Modern Phishing
Phishing isn’t what it used to be. It’s no longer fake emails with bad grammar and sketchy links. With AI, modern phishing attacks…