
Syrian government X accounts hijacked, revealing MFA failures
In early March 2026, several Syrian government accounts on X—including the presidency and central bank—were seized and used to post pro‑Israel messages and explicit content. Investigators traced the breach to shared credentials and the absence of multifactor authentication. Officials pledged urgent remedial steps and new regulations to strengthen credential security.
Also developing:
By the numbers: Noma Security raises $132M to expand AI‑driven security platform

Security researchers have identified a new OAuth consent attack vector in Microsoft Entra ID where a legitimate service principal such as ChatGPT is granted high‑risk Graph permissions like Mail.Read. By tricking users into approving a consent screen, attackers obtain persistent tokens that bypass MFA and allow read‑only access to the user’s mailbox. The abuse is logged through correlated Add service principal and Consent to application events, enabling detection. Mitigations include revoking the oAuth2PermissionGrant, removing the service principal, and tightening user‑consent policies.

Munich‑based Secfix closed an oversubscribed $12 million Series A round led by Alstin Capital, with Bayern Kapital and existing backer neosfer participating. The funding will accelerate Secfix’s European expansion and the development of its AI‑native automation and CISO‑as‑a‑Service capabilities. Secfix’s platform automates...

Microsoft Defender has identified a coordinated campaign that weaponizes seemingly legitimate Next.js repositories to compromise developers. The malicious projects, often presented as interview assessments, exploit Visual Studio Code workspace automation, build‑time scripts, and server startup routines to fetch and execute...

Security teams increasingly view vendors and contractors as the most vulnerable entry points, exposing gaps in traditional employee‑centric access controls. Boon Edam advocates an “outside‑in” strategy that places layered verification at the perimeter, limiting tailgating and ad‑hoc credential use. By shifting...
You’re going to see a lot of fake Apple Newsroom headlines here that look like this (below), and it may even influence folks/markets until they realize they are all fake tomorrow. Don’t fall for these. It’s a simple manipulation of...

In this episode of Risky Business, host Patrick Gray and panelists James Wilson and Adam Wallow dissect a wave of AI-driven cyber incidents, from a threat actor leveraging AI to mass‑compromise Fortinet devices to Chinese labs attempting large‑scale model distillation...

DNSSEC adoption remains modest, with only 36% of resolvers validating and 7% of domains securely delegated in 2025, hampered by complex enrollment and manual key‑rollovers. Automation using authenticated CDS/CDNSKEY records can eliminate these hurdles, and several European ccTLDs have already...
Malwarebytes uncovered a new fake‑Zoom meeting scam that silently installs a covert build of the Teramind employee‑monitoring tool on Windows workstations. Victims are lured by a realistic Zoom waiting room, then an automatic “Update Available” countdown triggers a silent download...

In this episode, Johannes Ullrich discusses a surge in scans targeting open redirects, explaining how these vulnerabilities can be exploited in OAuth 2 flows and phishing attacks, and notes that many originate from a bullet‑proof hosting IP. He then introduces...

Ransomware attacks are increasingly being framed as the overdue invoice for years of accumulated technical debt. Experts highlight that identity sprawl, inconsistent patching, and legacy backup systems create fertile ground for ransomware to cripple organisations. A Rubrik survey found 95%...

Airports in 2026 face a rapidly evolving threat matrix that blends physical, digital and human risks, from sophisticated stowaways and drone incursions to a 600% surge in cyber‑attacks. Balancing passenger convenience with robust security is no longer optional—it defines the...

Sektor has entered a distribution agreement with AI and data‑security‑governance vendor Concentric AI to serve the Australian and New Zealand market. As an authorised distributor, Sektor will equip its channel partners with enablement, go‑to‑market support and local expertise, positioning Concentric AI’s platform for...
Organizations using Azure Government Cloud struggle to balance automated security assessments with the nuanced architectural requirements of regulated environments. Third‑party compliance tools can scan thousands of resources against NIST, FedRAMP, and CIS benchmarks, delivering speed and broad visibility. However, these...

A financially motivated group called Diesel Vortex has been running a phishing campaign against freight and logistics operators in the U.S. and Europe since September 2025. Using 52 domains and Cyrillic homoglyph tricks, the actors stole 1,649 unique credentials from...
Business email compromise (BEC) continues to surge, costing $2.7 billion in 2022—a 12.5% increase over the prior year. Attackers masquerade as CEOs, HR staff, or trusted vendors, using deep reconnaissance, AI‑generated voice cloning, fake invoices, QR codes, and conversation hijacking to...
Ransomware has evolved into a multi‑strain ecosystem, ranging from classic crypto ransomware that encrypts data to double‑extortion variants that also threaten public leaks. Newer models such as encryption‑less, locker, scareware, and Ransomware‑as‑a‑Service (RaaS) broaden the attack surface and lower the...

Eric Trexler, senior VP for the public sector at Palo Alto Networks, highlighted the federal government’s massive, fragmented cyber‑attack surface and the $27 billion FY 2025 cybersecurity budget, of which roughly $1.8 billion targets identity management. He noted that while agencies have made...
The U.S. Treasury announced cyber‑related sanctions on four individuals and three entities, including parties in Russia and the United Arab Emirates. The measures target those involved in acquiring and distributing malicious cyber tools that threaten U.S. national security. The sanctions...

1Password announced a price increase for its annual plans effective March 27, 2026. Individual subscriptions will rise to $47.88 per month and family plans to $71.88 per month, representing a $12 yearly bump. The company attributes the hike to added value and...
A security feature launch tweet by Claude wiped out $15B in cybersecurity stocks. AI is eating SaaS. Here’s what this means for the future of SaaS: Cybersecurity names like CrowdStrike, Palo Alto Networks, and Zscaler fell after Anthropic showed Claude...

Australian government agencies are urged to upgrade cybersecurity after Cisco and the University of Canberra released the "Securing the Nation" report. The study highlights that 59% of federal agencies view legacy, end‑of‑life technology as a top security challenge and warns...

SolarWinds has issued patches for four critical Serv‑U vulnerabilities (CVE‑2025‑40538, 40539, 40540, 40541), each scoring 9.1 on the CVSS scale. The flaws—broken access control, two type‑confusion bugs, and an IDOR issue—enable remote code execution that can grant attackers full root...

In this episode, Hitachi Vantara Federal’s Guy Garwich and Todd Hansen explain how the Virtual Storage Platform One (VSP1) unifies block, file, object, and mainframe storage into a single data plane with a unified control plane, delivering high‑performance file services,...

Discord announced a global age‑verification rollout featuring facial scans and ID uploads, but user backlash forced a delay. CTO Stanislav Vishnevskiy admitted the company failed to explain the process clearly, especially after a 2024 breach that exposed 1.5 TB of verification...

DISA has issued a $201 million solicitation for cloud‑based internet isolation (CBII), requiring authorized Menlo Security resellers to deliver a managed service. Menlo Security supplies the underlying remote‑browser platform, while resellers will operate, integrate, and support the solution within DISA’s security...

The Association of Digital Verification Professionals (ADVP) has urged the UK government to shape its upcoming digital‑identity consultation around the Data (Use and Access) Act 2025, warning that a single, government‑only wallet would lock out the private sector. ADVP argues...

Asked Opus 4.6 to design an SOC2‑compliant auth service from zero. It came back with 35 issues. Pilot’s job now is to deliver them. Estimated cost: ~$4. Estimated time: ~1 hour + ~10 minutes of cleanup. --- Devs only have jobs until I get better...

Blumira has entered the Pax8 Marketplace, allowing managed service providers (MSPs) to purchase, provision, and bill a full‑stack security operations platform through the same portal they use for cloud services. The integration eliminates separate sales and onboarding steps, enabling MSPs...

The Multi-State Information Sharing and Analysis Center (MS-ISAC) lost its federal grant in September 2025 and transitioned to a dues‑paying model. Sixteen states and territories are now full members, while eight additional states have purchased services for all their agencies....
Federal agencies are accelerating cloud modernization, but must first close gaps in data readiness, cybersecurity, and legacy infrastructure. Officials from the Centers for Medicare & Medicaid Services, the Department of Energy, and NinjaOne discussed prerequisites for hybrid and multi‑cloud success....

The DTEX Cost of Insider Risks 2026 report, based on 8,750 security practitioners, finds average insider‑related losses of $19.5 million per organization, with employee negligence—largely driven by shadow AI—accounting for 53% of that cost. Negligence losses rose 17% year‑on‑year, pushing total...

Google released a Chrome security update that fixes three high‑severity vulnerabilities (CVE‑2026‑3061, CVE‑2026‑3062, CVE‑2026‑3063). Two of the flaws involve out‑of‑bounds memory reads, while the third adds out‑of‑bounds writes in the WebGPU shader compiler. The bugs affect Chrome’s media stack, the...
Defi is a central part of the value that Ethereum provides. Financial empowerment is a central part of what it means to have agency and freedom in our current world. Finance is far from the only thing that Ethereum is...

Fintech firm Marquis has filed a lawsuit against firewall vendor SonicWall, alleging that a 2025 breach of SonicWall’s cloud backup service exposed critical firewall configuration data. The compromised backup files allegedly gave threat actors the keys to bypass SonicWall defenses,...
If you’re a cybersecurity leader in NYC, join me this Thursday for a roundtable dinner focusing on New Strategies to Protect Your Expanding Dataverse. Private dinner, peer conversation, no vendor pitch. These are the discussions where the real issues come...
Introducing a new tool called "SideChannel". A secure alternative to OpenClaw. Utilizes Signal for communication and has Claude integration. I built SideChannel, an open-source Signal bot that connects Claude AI to your entire development workflow. End-to-end encrypted. From your pocket. The real...

Greater Pittsburgh Orthopaedic Associates disclosed a data breach that began around August 10, 2025, affecting tens of thousands of patients. The group reported 35,000 records to HHS in August 2025, but a February 2026 filing to the Maine Attorney General raised the figure...
Peter Williams, the former Trenchant exec who stole zero-day exploits from his employer and sold them to a Russian exploit buyer, was sentenced today to 7 years and 3 months in a hearing that was partially closed to the public...
📈 The Board is over "Red, Yellow, Green" charts. They want financial risk quantification. Moving from technical metrics to business risk is the #1 theme for CIOs at RSA this year. Stop reporting on "threats" and start reporting on "impact."...

Cybersecurity firm Cofense uncovered a sophisticated phishing campaign that impersonates cryptocurrency broker Bitpanda. The fake site replicates Bitpanda’s login and adds a counterfeit multi‑factor authentication flow to harvest credentials, names, phone numbers, addresses, and birth dates. Attackers host the clone...

Great story in the New York Times highlighting the difficulties that the US government has faced in getting the world's most profitable companies to take supply chain security seriously, and reduce their exposure to a crisis in the Taiwan Strait 1/...
Threat groups move at record speeds, as AI helps scale attacks | Cybersecurity Dive https://t.co/frfbUAXzlI
Mobile credentials are rapidly gaining traction in higher‑education campuses and commercial‑real‑estate portfolios, driven by seamless integration with smart‑building and HR systems. HID’s 2025 State of Security and Identity report shows that 69% of security leaders have deployed or plan to...
So @markowitzadam was selling a product built on proving things with evidence. But when a university asked him to prove his security posture, he couldn’t. That contradiction became the seed for @DrataHQ ($100M+ ARR). Trust isn’t what you say. It’s what you prove....

The UK Government has launched a new campaign urging small‑ and medium‑size enterprises to adopt the Cyber Essentials framework after research showed that 50% of SMEs suffered a cyber attack in the past year. The study also revealed that cyber...

Cyber deception is gaining prominence as AI‑driven threats rise, prompting the UK NCSC to champion its wider use. The approach relies on high‑fidelity decoys—honeypots, fake credentials, and canary tokens—to generate early breach signals and expose lateral movement. While plug‑and‑play tools...

Enterprises are wrestling with a surge in software security debt, with 82% reporting heightened vulnerability backlogs—a rise of 11% year‑over‑year. Critical flaws now account for 60% of that debt, and high‑risk, highly exploitable issues jumped 36% in the same period....

Broadcom released security updates fixing three critical flaws in VMware Aria Operations, including a remote command injection (CVE-2026-22719) with a CVSS score of 8.1, a stored cross‑site scripting issue (CVE-2026-22720) rated 8.0, and a privilege‑escalation bug (CVE-2026-22721) scored 6.2. The...

Sendmarc has published a fireside chat with DMARCbis co‑editor Todd Herr, outlining the draft’s progress toward Proposed Standard status. The discussion details upcoming tag revisions, clearer reporting expectations, and a DNS tree‑walk method for receiver‑side domain discovery. Herr emphasizes that...

Cyber Security Intelligence reports a surge in DDoS attacks in 2025, with assaults escalating from gigabyte to terabyte volumes. The article outlines proactive protection steps, starting with comprehensive risk assessments that inventory public‑facing assets and establish traffic baselines. It then...