Threat IntelligenceMalicious .NET files conceal RATs in bitmap imagesLaura FrenchMay 9, 2025A recent malspam campaign revealed a payload nested within two .NET assemblies.
Vulnerability ManagementCisco es maximum severity vulnerability in IOS XE SoftwareLaura FrenchMay 8, 2025A hard-coded JSON Web Token could allow a remote attacker to upload files with root privileges.
RansomwareMost cyber insurance claims stem from BEC, fraud, report saysLaura FrenchMay 7, 2025The Coalition 2025 Cyber Claims Report revealed an increase in severity of BEC losses in 2024.
RansomwareMamona ransomware lowers the bar with offline encryptionLaura FrenchMay 6, 2025Simplistic “commodity” ransomware makes it easy to launch low-skill attacks.
RSACRSAC 2025: Top 5 mobile app risks revealed by half a million assessmentsLaura FrenchMay 1, 2025Organizations can’t assume apps from the Apple and Google Play stores have been tested for security.
RSACRSAC 2025: Vishing defenses that go beyond trainingLaura FrenchApril 30, 2025Voice firewalls, call authentication and real-time fraud detection offer robust vishing prevention.
AI/MLRSAC 2025: Being realistic about fixing code with LLMsLaura FrenchApril 29, 2025More than 2,500 test runs show the code analysis capabilities and limitations of popular models.
AI/MLRSAC 2025: Agentic AI highlights need for inclusive authentication methodsLaura FrenchApril 29, 2025Flexibility aids both AI agent and disability-accessible identity management.
AI/MLRSAC 2025: Using an ‘MRI’ for neural networks to understand LLM jailbreaksLaura FrenchApril 28, 2025CyberArk researchers studied how specific neurons and layers of LLM architecture respond to prompts.
Vulnerability ManagementMicrosoft Office 365 MFA targeted by ‘SessionShark’ phishing kitLaura FrenchApril 25, 2025The malicious service is advertised to evade detection and closely mimic a real login page.
