Redefining the Role: What Makes a CISO Great

Blog

Byadmblake August 8, 2025

Security is everyone’s responsibility, but as a CISO, it starts with you.

Blog

LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers

A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition. The out-of-bounds reads vulnerability is tracked as CVE-2024-49113 (CVSS score: 7.5). It was addressed by Microsoft as part of Patch Tuesday updates for December 2024, alongside CVE-2024-49112 (

Read More LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
Blog

Attackers Don’t Just Send Phishing Emails. They Weaponize Your SOC’s Workload

The most dangerous phishing campaigns aren’t just designed to fool employees. Many are designed to exhaust the analysts investigating them. When a phishing investigation takes 12 hours instead of five minutes, the outcome can shift from a contained incident to a breach. For years, the cybersecurity industry has focused on the front door of phishing…

Read More Attackers Don’t Just Send Phishing Emails. They Weaponize Your SOC’s Workload
Blog

Cyber Insurance Rates Are Dropping, but Exclusions Widen

Cyber insurance coverage is slowly changing, and some policies may not provide coverage for social engineering attacks like ClickFix.

Read More Cyber Insurance Rates Are Dropping, but Exclusions Widen
Blog

AI Agents Access Everything, Fall to Zero-Click Exploit

Zenity CTO Michael Bargury joins the Black Hat USA 2025 News Desk to discuss research on a dangerous exploit, how generative AI technology has “grown arms and legs” —and what that means for cyber risk.

Read More AI Agents Access Everything, Fall to Zero-Click Exploit
Blog

Google Chrome Enterprise: Extend Protections From Browser to OS

Dark Reading’s Terry Sweeney and Google’s Loren Hudziak discuss how the humble web browser has transformed from a simple web access tool into a common conduit through which a lot of business is done.

Read More Google Chrome Enterprise: Extend Protections From Browser to OS
Blog

Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3, March 13, and March 23, 2026, per Check Point. “The campaign is…

Read More Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

Related