What CMMC 3.0 Really Means for Government Contractors

Blog

Byadmblake August 6, 2025

The ultimate goal of CMMC 3.0 is not just compliance — it’s resilience.

Blog

Synthetic Data Is Here to Stay, but How Secure Is It?

Synthetic data offers organizations a way to develop AI while maintaining privacy compliance but requires careful management to prevent re-identification risks and ensure model accuracy.

Read More Synthetic Data Is Here to Stay, but How Secure Is It?
Blog

Google Merges Security Offerings Into a Cohesive Suite

Google Unified Security brings together threat detection, AI-powered security, secure browser features, and Mandiant services, the company said at its Cloud Next conference.

Read More Google Merges Security Offerings Into a Cohesive Suite
Blog

Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability

A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven different organizations compromised to date. Tracked as CVE-2025-30406 (CVSS score: 9.0), the vulnerability refers to the use of a hard-coded cryptographic key that could expose internet-accessible servers to remote code execution attacks

Read More Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability
Blog

SigRed: CVE-2020-1350 Windows DNS Server Remote Code Execution Vulnerability

The Microsoft Patch Tuesday release for July 14, 2020 contains (123) reported disclosures. This month’s release has one critical vulnerability in Microsoft Windows Server (CVE-2020-1350) that allows for remote code execution by an unauthenticated attacker. It also has been confirmed by Microsoft to be wormable; devoid of user interaction. What are the specifics of the…

Read More SigRed: CVE-2020-1350 Windows DNS Server Remote Code Execution Vulnerability
Blog

DHS Boss Noem Vows to Get CISA Back ‘On Mission’

Secretary Noem asks the cybersecurity community to get in touch with CISA to help reshape the agency to focus on finding efficiencies.

Read More DHS Boss Noem Vows to Get CISA Back ‘On Mission’
Blog

Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials

In what has been described as an “extremely sophisticated phishing attack,” threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google’s infrastructure and redirect message recipients to fraudulent sites that harvest their credentials. “The first thing to note is that this is a valid, signed email – it really…

Read More Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials

Related