Verizon’s 2025 Data Breach Investigations Report highlighted dire — but not new — trends in the education sector. Without more help, faculty and staff continue to fall for social engineering…
M&S has launched an investigation and said some customer operations are impacted. – Read More
Use of synthetic identities by malicious employment candidates is yet another way state-sponsored actors are trying to game the hiring process and infiltrate Western organizations. – Read More
Attackers are using credentials stolen via phishing websites that purport to be legitimate securities company homepages, duping victims and selling their stocks before they realize they’ve been hacked. – Read…
Scalable, effective — and best of all, free — securing Kubernetes workload identity cuts cyber-risk without adding infrastructure, according to new research from SANS. – Read More
In a world where insider threats, nation-state adversaries, and technological evolution create new challenges, companies must prioritize transparency, ethical leadership, and a culture rooted in trust. – Read More
Critics — which include the US embassy in Zambia — contend the just-signed Cyber Security Act and the Cyber Crime Act allow suppression of dissent and too much concentration of…
The cybersecurity landscape confounded expectations in 2024, as anticipated threats and risk didn’t materialize and less widely touted attack scenarios shot up. – Read More
Understanding how multiple AI models speak to each other and deciding which framework to use requires careful evaluation of both the business benefits of advanced AI orchestration and the cybersecurity…
The tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT’s breach of its…
The Texas municipality is following its incident response playbook as it works with a third-party to investigate the scope and scale of the attack. – Read More
Dialysis firm DaVita, Wisconsin-based Bell Ambulance, and Alabama Ophthalmology Associates all suffered apparent or confirmed ransomware attacks this month. – Read More
A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications. – Read More
Agentic AI’s appeal is growing as organizations seek more autonomous and hands-off approaches to their security protocols as risks increase and threats become more sophisticated. – Read More
The incident should serve as a critical wake-up call. The stakes are simply too high to treat AI security as an afterthought — especially when the Dark Web stands ready…