Palo Alto Networks Begins Unified Security Rollout
Cortex Cloud integrates Prisma Cloud with CDR to provide a consolidated security posture management and real-time threat detection and remediation.
-
-
ToddyCat APT Targets ESET Bug to Load Silent Malware
Researchers found the threat actor attempting to use the now-patched flaw to load and execute a malicious dynamic link library on infected systems.
-
NIST to Implement ‘Deferred’ Status to Dated Vulnerabilities
The changes will go into effect over the next several days to reflect which CVEs are being prioritized in the National Vulnerability Database (NVD).
-
Scattered Spider’s ‘King Bob’ Pleads Guilty to Cyber Charges
The 20-year-old was arrested in January 2024 alongside four other group members who carried out related cybercriminal acts, earning them similar charges.
-
Autonomous, GenAI-Driven Attacker Platform Enters the Chat
“Xanthorox AI” provides a modular GenAI platform for offensive cyberattacks, which supplies a model-agnostic, one-stop shop for developing a range of cybercriminal operations.
-
Intergenerational Mentoring: Key to Cybersecurity’s AI Future
As threats evolve and technology changes, our ability to work together across generations will determine our success.
-
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks
Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel. “‘Fast flux’ is a technique used to obfuscate the locations of malicious servers through rapidly changing…
-
⚡ Weekly Recap: VPN Exploits, Oracle’s Silent Breach, ClickFix Comeback and More
Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps — but in job offers, hardware, and cloud services we rely on every day. Hackers don’t need sophisticated exploits anymore. Sometimes, your credentials and…
-
Security Theater: Vanity Metrics Keep You Busy – and Exposed
After more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, I’ve learned that looking busy isn’t the same as being secure. It’s an easy trap for busy cybersecurity leaders to fall into. We rely on metrics that tell a story of the tremendous efforts we’re expending…
-
PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks
A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims’ digital wallets. “Recipients of the bulk spam are targeted with a cryptocurrency seed phrase poisoning attack,” Silent Push said in an