Strengthening Identity Proofing in the Age of AI Voice Generators
In the age of artificial intelligence, identity and trust are critical. But businesses must find the balance between risk and trust.
Weekly Top 10: 07.07.2025: 600,000 WordPress Sites Affected by Arbitrary File Deletion Vulnerability; FoxyWallet: 40+ Malicious Firefox Extensions Exposed; Filefix Part 2: Social Engineering via HTML Applications, and More.
600,000 WordPress Sites Affected by Arbitrary File Deletion Vulnerability; FoxyWallet: 40+ Malicious Firefox Extensions Exposed; Filefix Part 2: Social Engineering via HTML Applications
The Necessity of Real-Time AI Playbook Updates
Threat teams are staying on high alert because AI-powered threat campaigns are becoming more common. Updated playbooks, also known as runbooks, are essential for these teams. Currently, they face the risk of falling behind.
The State of Cyber Espionage in 2025—Part 2
In Part 2 of our series on Cyber Espionage, Elise Manna-Browne expands on techniques for recruiting a spy, and just how easy it can be to weaponize a human asset in 2025.
The State of Cyber Espionage in 2025—Part 1
It's mid 2025 and the modern cybersecurity landscape is starting to resemble the plot of a spy thriller—more activity is being attributed not just to remote nation-state actors, but human assets recruited to penetrate the office perimeter in-person with the goal of exfiltrating data.
Weekly Top 10: 06.30.2025: Cybercrime Surging Across Africa; New Exploits Target CitrixBleed-2 Vulnerability; Microsoft 365 Abuse Enables Phishing from Trusted Sources, and More.
Cybercrime Surging Across Africa; New Exploits Target CitrixBleed-2 Vulnerability; Microsoft 365 Abuse Enables Phishing from Trusted Sources, and 7 more.
What is FIN6? And Why Its Latest Malware Attack Is So Effective
Looking for a new job or employee has become a more perilous task thanks to the recent tactics to spread malware by FIN6.
Here we take a look at some of what makes FIN6 More_eggs attacks work so well.
Weekly Top 10: 06.23.2025: Initial Access Broker of Ransomware Group Ryuk Extradited to the U.S.; Cloudflare Blocked a Record 7.3 Tbps DDoS Attack; Record 16 Billion Credentials Leaked on Hacking Forum, and More.
Initial Access Broker of Ransomware Group Ryuk Extradited to the U.S.; Cloudflare Blocked a Record 7.3 Tbps DDoS Attack; Record 16 Billion Credentials Leaked on Hacking Forum, and 7 more.
The Modern IR Runbook
Incident Response (IR) is an ever-changing realm of cybersecurity that can leave teams scrambling at all hours, scouring runbooks to figure out the next steps during an attack. Automation can simplify much of this work, according to Abby Dykes, Threat Operations & Forensics Team Lead at Novacoast, who walked us through a few IR scenarios at the Nashville Innovate Summit in April.
Weekly Top 10: 06.16.2025: Fog Ransomware: Unusual Toolset Used in Recent Attack; EchoLeak: Critical Zero-Click AI Vulnerability in Microsoft 365 Copilot; Stealth Falcon’s Exploit of Microsoft Zero-Day Vulnerability, and More.
Fog Ransomware: Unusual Toolset Used in Recent Attack; EchoLeak: Critical Zero-Click AI Vulnerability in Microsoft 365 Copilot; Stealth Falcon's Exploit of Microsoft Zero-Day Vulnerability, and 7 more.