Microsoft Office 365 MFA targeted by ‘SessionShark’ phishing kit

Laura FrenchApril 25, 2025

The malicious service is advertised to evade detection and closely mimic a real login page.

RESOURCES

AI/ML
AI at RSAC: The innovations that will shape cybersecurity’s future
Ransomware
From ransomware recovery to endpoint security innovation: The ThreatLocker story
Application security
Why comprehensive scan coverage is critical for DevSecOps lifecycle success and regulatory compliance
Critical Infrastructure Security
We’re the federal government, and we’re (maybe) no longer here to help
DevSecOps
Security without speed bumps: Using WAF simulator to transform DevSecOps workflows

PODCASTS

Vulnerability Management
Beating the AI Game, Ripple, Numerology, Darcula, Special Guests from Hidden Layer… – Malcolm Harkins, Kasimir Schulz – SWN #471
Vulnerability Management
Hacking Crosswalks and Attacking Boilers – PSW #871
Leadership
ISO 42001 Certification, CIOs Struggle to Align Strategies, and CISOs Rethink Hiring – Martin Tschammer – BSW #392
Security Strategy, Plan, Budget
Brains, Elusive Comet, AI Scams, Microsoft Dog Food, Deleting Yourself, Josh Marpet – SWN #470
Application security
Managing Secrets – Vlad Matsiiako – ASW #327

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Vulnerability Management

SAP patches zero day rated 10.0 in NetWeaver

Steve ZurierApril 25, 2025

Attackers observed exploiting vulnerability in SAP's NetWeaver Visual Composer product.

Businessman chatting with AI or artificial intelligence technology. A man uses a laptop computer to chat with an intelligent AI.

Identity and Access Management to steal the spotlight at RSAC 2025

Karen "Pepper" HoffmanApril 25, 2025

Emerging identity and access management tools and approaches will be a hot topic this year.

‘Vibe coding’ using LLMs susceptible to most common security flaws

Laura FrenchApril 24, 2025

OpenAI’s models were most likely to produce vulnerable code in tests by Backslash Security.

A digital lock rests prominently on a circuit board, symbolizing the importance of cybersecurity.

Vulnerability Management

Commvault Command Center bug rated 10.0 patched

Steve ZurierApril 24, 2025

CVE-2025-34028 could lead to a complete compromise of the Command Center.

Background image presenting cyber security and attack concept

Network Security

Hackers exploiting vulnerabilities at higher rates, reports Verizon

Shaun NicholsApril 23, 2025

Stolen credentials still make up most common threat vector in annual cybersecurity report.

A sign on top of a building reads "Siemens" in blue letters.

Critical Infrastructure Security

Critical bugs in Siemens, Schneider Electric gear top CISA advisory

Steve ZurierApril 23, 2025

CISA cites 16 CVEs impacting industrial systems in ICS advisory, four critical.

Trading security and spying concept with noface hacker using laptop an digital display with financial graphs and forex chart. Double exposure

Financial malware on the rise as espionage attacks decline

Shaun NicholsApril 23, 2025

Threat actors are getting more work from the private sector than from government sponsored agencies.

(Credit: Andreas Prott – stock.adobe.com)

Google fixes Cloud Composer privilege escalation vulnerability

Laura FrenchApril 22, 2025

Tenable researchers say “ConfusedComposer” highlights how attackers can exploit cloud service permissions.

EVENTS