BlackSanta ‘EDR-killer’ malware targets HR departments

Steve ZurierMarch 11, 2026

Malware collects info about the OS, user accounts, and host configurations.

RESOURCES

Governance, Risk and Compliance
From audit readiness to operational assurance: Why CCM modernization cannot wait
Zero Trust World
The importance of keeping calm in trying circumstances: Zero Trust World 2026
Identity
Identity security as app growth accelerates: Why automation is becoming essential
Zero Trust World
Prompt engineering malware with ThreatLocker’s Kieran Human
Zero Trust World
Unmasking the dark web with ThreatLocker’s Collin Ellis

PODCASTS

Leadership
Being Exploitable While Your Risk Tolerance Changes and You Unblock Innovation – Myke Lyons – BSW #438
Vulnerability Management
Precious Bodily Fluids, InstallFix, CISA, Claude, Overtime, Sim Swaps, Aaran Leyland – SWN #562
Application security
Making Medical Devices Secure – Tamil Mathi – ASW #373
Threat Intelligence
From Alerts to Action: Making Public–Private Threat Intel Actually Useful – Ian Washburn – CSP #222
Malware
Breaking in with CrashFix, supply chain security, and CMMC phase 1 – Anna Pham, David Zendzian, Jacob Horne – ESW #449

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Incident Response

First CIRM warranty protecting employees from breach liability announced

Laura FrenchMarch 11, 2026

BreachRx warranty covers up to $3 million in personal or corporate penalties stemming from an incident.

Salesforce office building in Singapore City. Salesforce Inc is an American Fortune 500 listed, cloud-based software company.

Salesforce confirms ShinyHunters exploited Experience Cloud sites

Steve ZurierMarch 10, 2026

The ShinyHunters cybercrime group has systematically targeted Salesforce instances since mid-2025.

(Credit: Rafael Henrique – stock.adobe.com)

Application security

Mozilla fixes 22 Firefox vulnerabilities discovered by Anthropic’s Claude AI

Laura FrenchMarch 10, 2026

Anthropic recently published coordinated disclosure policies for Claude-discovered flaws.

(Adobe Stock)

Governance, Risk and Compliance

Trump cyber policy focuses on offensive operations, harnessing AI

Steve ZurierMarch 9, 2026

Trump cyber policy shifts from secure-by-design towards offensive operations.

(Credit: MysteryShot – stock.adobe.com)

Vulnerability Management

3 Apple flaws from Coruna exploit kit added to CISA vulnerability list

Laura FrenchMarch 6, 2026

The exploit kit affects versions of iOS between 13.0 and 17.2.1.

Flag of Iran on binary code

Threat Management

Iranian APT group MuddyWater targets multiple US companies

Steve ZurierMarch 6, 2026

Recent Iranian campaign picked up after the Feb. 28 U.S.-Israel attack.

Vulnerability Management

‘Mail2Shell’ FreeScout patch bypass exploit leads to RCE

Laura FrenchMarch 6, 2026

Researchers say an attacker could achieve unauthenticated RCE by sending a crafted email.

Network Security

Cisco patches 48 bugs across firewall products; notes two more SD-WAN flaws exploited

Steve ZurierMarch 5, 2026

Internet-facing edge devices are now major targets for attackers as the war in the Middle East unfolds.

EVENTS