Category: Uncategorized

Cyber threats in 2025 require a proactive, adaptive approach. To stay ahead, CISOs must balance technical defenses, regulatory expectations, and human factors. By prioritizing AI-driven security, ransomware resilience, supply chain risk management, insider threat mitigation, and compliance preparedness, CISOs can strengthen their security posture. Here are the top five threats keeping CISOs up at night […]

U.S. CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 14, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) […]

Threat Analysis PurpleBravo The Contagious Interview campaign, first documented in November 2023, targeted software developers primarily in the cryptocurrency space and was attributed to North Korea. The campaign used the JavaScript infostealer BeaverTail, the cross-platform Python backdoor InvisibleFerret, and most recently OtterCookie, a new backdoor identified in December 2024. The group responsible for this activity […]

55-year old Davis Lu, of Houston, Texas, has been found guilty of intentionally causing damage to the computer systems of his ex-employer, and could face up to 10 years in prison. Lu had been employed as a software developer between 2007 and 2019 by multinational firm Eaton, which provides energy-efficient solutions for the aerospace, automotive […]

Mar 14, 2025Ravie LakshmananMobile Security / Encryption The GSM Association (GSMA) has formally announced support for end-to-end encryption (E2EE) for securing messages sent via the Rich Communications Services (RCS) protocol, bringing much-needed security protections to cross-platform messages shared between Android and iOS platforms. To that end, the new GSMA specifications for RCS include E2EE based […]

Microsoft says it partially mitigated a week-long Exchange Online outage causing delays or failures when sending or receiving email messages. While the company didn’t publicly share information on this incident, it tagged it as a critical service issue tracked under EX1027675 on the Microsoft 365 Admin Center. Microsoft has yet to share more information on […]

Charlie Osborne 28 February 2023 at 14:15 UTC Updated: 28 February 2023 at 14:51 UTC Armed with personal data fragments, a researcher could also access 185 million citizens’ PII A researcher has disclosed how he was able to access the personal identifiable information (PII) of potentially 185 million Indian citizens – and create counterfeit driving […]

The Trump administration begins under the shadow of a series of consequential Chinese cyber hacks targeting U.S. critical infrastructure. While incoming officials grapple with long-standing failures to deter China and other adversaries from launching cyberattacks on the U.S. homeland, the Department of Defense (DOD) faces a startling capability gap: The civilian and military professionals responsible […]

The departures have strained a workforce that was already stretched thin. “We were running into [a] critical skills shortage previously,” says a second employee. “Most people are and have been doing the work of two or more full-time [staffers].” The CISA team that helps critical infrastructure operators respond to hacks has been understaffed for years. […]

ebrublue10/Getty Images Cybercriminals are weaponizing artificial intelligence (AI) across every attack phase. Large language models (LLMs) craft hyper-personalized phishing emails by scraping targets’ social media profiles and professional networks. Generative adversarial networks (GAN) produce deepfake audio and video to bypass multi-factor authentication. Automated tools like WormGPT enable script kiddies to launch polymorphic malware that evolves […]