Vulnerability ManagementAlarms sound over attacks via Microsoft NTLM vulnerabilityAttacks targeting government and contractor companies in Poland and Romania via NTLM exploit.
RansomwareInterlock ransomware evolves tactics with ClickFix, infostealersThe lesserknown ransomware group uses fake updaters on compromised sites to lure victims.
Critical Infrastructure SecurityChina’s allegation that NSA hacked Asian Winter Games draws suspicionExperts say companies need to step up cybersecurity during ongoing U.S.-China tensions.
Security OperationsNew research reveals flaws in security team performance metrics IDC's survey of 900 security leaders reveals widespread use of volume-based metrics for team performance. How do we shift from measuring activity to measuring true impact?
RansomwareBlack Basta chat leaks reveal details on ransomware infrastructureIn addition to the insight into the Black Basta, report shows Clop had nearly 400 victims in Q1.
Threat IntelligenceBlack Basta-like Microsoft Teams phishing leads to novel backdoorA new PowerShell backdoor and persistence technique that hijacks TypeLib were discovered.
IdentityAmazon EC2 instance metadata targeted in SSRF attacksEC2 instance metadata can include sensitive information such as IAM role credentials.
Cloud SecurityHow to plan your cloud migration with security in mindTo protect your cloud-based assets, your organization must consider security and compliance when planning your cloud migration journey.
Government RegulationsTrump orders probe of ex-CISA chief Krebs over 2020 election disputeKrebs is on record saying the 2020 election “was the most secure in American history.”
AI/MLAI-driven state-sponsored cyberattacks worry security professionalsCyberwarfare is no longer a distant threat as tensions escalate between nations worldwide.
Proactive law enforcement takedowns in 2024 reshaped the cybercrime ecosystemDon Smith December 30, 2024
Attempted fraud totaling $4B averted by Microsoft amid escalating AI-powered scamsSC StaffApril 18, 2025
