
Don’t Overlook Low-Tech Crime in Healthcare
Healthcare organizations focus on high‑tech defenses, yet physical and procedural gaps remain a major source of breaches. Low‑tech incidents such as tailgating, unattended devices, and badge sharing contributed to over 51 million compromised records in 2022. The article outlines practical controls—including role‑based badge access, finance‑IT collaboration, secure print, device tagging, and workstation timeouts—to mitigate these risks. Ignoring these basics can trigger fines, reputational harm, and compliance failures.

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 85
The Security Affairs Malware Newsletter Round 85 aggregates the latest research and incident reports on global malware threats. Highlights include new Android threats like Ninja Browser, Lumma Infostealer, PromptSpy and Phantom Trojans, a surge in ATM jackpotting across the U.S., and...

Things Are Getting Wild: Re-Tool Everything for Speed
The author warns that AI is reshaping cybersecurity, creating a tidal wave of new software‑generated vulnerabilities while simultaneously giving attackers tools to industrialize exploits. At the same time, AI‑generated content erodes trust, making authenticity a critical challenge. Enterprises must build a robust agentic...

U.S. CISA Adds RoundCube Webmail Flaws to Its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical RoundCube Webmail vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The flaws—CVE-2025-49113, a deserialization bug with a 9.9 CVSS score, and CVE-2025-68461, an SVG‑based XSS issue scoring 7.2—target...

WordPress, AI, Plugins, Future of Software Engineering
The post outlines how AI is reshaping the WordPress ecosystem, from a flood of AI‑generated plugins that introduce new security risks to the need for large‑scale audit infrastructure. It advises agencies to pivot from billable hours to outcome‑based pricing, leveraging...

Update: rtfdump.py Version 0.0.15
Didier Stevens announced on 21 February 2026 the release of rtfdump.py version 0.0.15. The update specifically fixes a bug in the --yarastrings option, restoring reliable extraction of YARA strings from RTF files. The release package is available for download and...

Texas Sues Temu for Allegedly Functioning as Chinese Spyware
Texas Attorney General Ken Paxton sued Temu, alleging the discount marketplace operates as Chinese Communist spyware that harvests user data for the Chinese government. The lawsuit targets PDD Holdings, accusing it of deceptive marketing and seeking substantial civil penalties. It...

Check Point Software Earns Leader & Fast Mover Position in GigaOm Radar for Cloud Network Security
Check Point Software has been named a Leader and Fast Mover in the GigaOm Radar for Cloud Network Security 2025, marking its third consecutive year at the top. GigaOm highlighted the company’s prevention‑first Infinity architecture, unified cloud security platform, and...

Q&A: Organisations Are Spending Millions on Cybersecurity and Still Getting It Wrong
Organizations are pouring billions into cybersecurity yet continue to suffer breaches because they treat security as a purely technical issue. Senior cyber leader Purvi Kay argues that weak governance, poor communication, and unclear accountability are the primary failures. She emphasizes...

Firewalla Orange Review: A Pocket-Sized Firewall That Followed Me to Tokyo
The Firewalla Orange is a 244‑gram, pocket‑sized firewall that turns any untrusted Wi‑Fi into a protected network in about ten minutes. In real‑world tests it delivered 1.72 Gbps wired throughput and 151 Mbps hotel Wi‑Fi speed while applying IPS, ad‑blocking and VPN...

AI Risk Tool
AI Risk tool, a browser‑only privacy layer, anonymises sensitive data before it reaches any generative AI model. The solution runs entirely client‑side, ensuring no text is transmitted, stored, or tracked on external servers. By eliminating the need for accounts, it...

How to Back Up Your WordPress Website Effectively
Law firms rely on WordPress sites for client intake, branding, and confidential communications, making website continuity critical. The article outlines a practical backup strategy, recommending daily off‑site backups using plugins such as UpdraftPlus, BackupBuddy or BlogVault, and storing copies in...

Auto Draft
Veteran CISOs are urged to abandon technical dashboards and become business risk leaders who speak the board’s language. By translating security concepts into revenue‑impact terms, aligning initiatives with corporate growth plans, and quantifying cyber risk in monetary values, they secure...

Best Western Nordic Hit By Data Breach: Cybercriminals Targeting Guests Via WhatsApp & SMS
Best Western hotels in Sweden, Denmark and Norway suffered a data breach that exposed guest names, check‑in dates, email addresses and phone numbers. Cybercriminals are now using the stolen details to launch phishing attacks via WhatsApp and SMS, directing victims...

Markel Expands Cybersecurity Support for Policyholders Through Upfort Partnership
Markel announced a partnership with cyber‑security firm Upfort to extend AI‑driven protection tools to eligible U.S. cyber‑insurance policyholders. The collaboration introduces the Upfort Shield platform and an endpoint detection and response (EDR) solution with behavioural analytics. Markel says the offering...

CISA Alerts to Critical Auth Bypass CVE-2026-1670 in Honeywell CCTVs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert for a critical authentication‑bypass vulnerability (CVE‑2026‑1670), which carries a CVSS score of 9.8, in several Honeywell CCTV models. The flaw lets unauthenticated attackers change the recovery email address, enabling...

Cyber Risk Management In Remote-First Environments
Executive-led cyber risk management has shifted from traditional IT‑centric frameworks to a leadership‑first model that aligns digital hygiene with corporate governance. In remote‑first environments, the loss of a centralized perimeter expands the attack surface, making every executive login a potential...

Smashing Security Podcast #455: Face Off: Meta’s Glasses and America’s Internet Kill Switch
In episode 455 of the Smashing Security podcast, host Graham Cluley and journalist James Ball examine the growing threat of tech sovereignty, questioning whether the United States could effectively shut down Europe’s internet by leveraging Gmail, cloud services, and critical infrastructure. They also...

Josh Aaron: The Hidden Technology Risk Law Firms Can No Longer Treat as Background Noise
Law firms are increasingly confronted with demanding security questionnaires from Fortune 500 clients, requiring verifiable endpoint protection within tight deadlines. Many firms still rely on manual or semi‑automated processes, leaving gaps in device visibility and patch compliance. This lack of...

French Ministry Confirms Data Access to 1.2 Million Bank Accounts
The French Economy Ministry disclosed that a hacker used stolen government credentials to view data from 1.2 million bank accounts across the country. The breach, detected in late January, exposed personal details such as names, addresses, account numbers and, in some...

OMB Rescinds the “Common Form” Secure Software Attestation Requirement
On Jan. 23, 2026 the Office of Management and Budget issued Memorandum M‑26‑05, rescinding the Biden‑era mandate that all federal agencies obtain a CISA “Common Form” software attestation. The new memo replaces the one‑size‑fits‑all requirement with a risk‑based, agency‑specific approach while...

Aliro Raises $15M to Advance Physics-Based Network Security
Aliro announced a $15 million oversubscribed funding round led by Gutbrain Ventures, with participation from Cisco Investments, Argon Ventures, and Wonderstone Ventures. The Boston‑based startup is commercializing a physics‑based network security platform that uses quantum entanglement to replace cryptographic assumptions with...

Actionstep Completes SOC 2® Type 2 Examination, Reinforcing Commitment to Law Firm Security
Actionstep, a cloud‑based practice‑management platform used by nearly 5,000 law firms, announced completion of its SOC 2 Type 2 examination conducted by Prescient Assurance. The audit evaluated both the design and operating effectiveness of the company’s security controls over a defined period, providing...

EFF to Wisconsin Legislature: VPN Bans Are Still a Terrible Idea
The Electronic Frontier Foundation (EFF) has sent a letter to Wisconsin’s entire legislature urging a vote against S.B. 130 and A.B. 105, bills that would ban VPN use and impose invasive age‑verification on certain websites. The measures have cleared the...

Waymo Overseas Human Assist Wasn't Secret, But Is It Secure?
Waymo disclosed that a single remote‑assist operator supports roughly 40 autonomous vehicles, a ratio that underscores its reliance on human fallback. The company confirmed that many of these operators are based overseas, a fact previously hinted at but not widely...

CredShields Leads OWASP Smart Contract Top 10 2026 as Governance and Access Failures Drive Onchain Risk
In this episode, CredShields announces the release of the OWASP Smart Contract Top 10 2026, a risk prioritization framework built from a structured analysis of 2025 smart contract incidents that caused hundreds of millions in losses. The discussion highlights that governance and...

Poorly Crafted Phishing Campaign Leverages Bogus Security Incident Report
A phishing campaign leveraged a fake PDF security incident report hosted on Amazon S3 to intimidate MetaMask users into enabling two‑factor authentication. The PDF, created with ReportLab, contains no malicious code but mimics an official security alert. Researchers noted the...

Side-Channel Attacks Against LLMs
Recent research uncovers multiple side‑channel attacks that exploit timing, packet‑size, and speculative decoding characteristics of large language model (LLM) services. By monitoring encrypted network traffic, attackers can infer conversation topics with over 90 % precision, fingerprint specific prompts with up to...

Sovereignty-First ITSM: How Geopolitical Risk Is Reshaping Service Management in 2026
In 2026 enterprises are treating data location as a strategic risk rather than a compliance checkbox, prompting a shift toward sovereignty‑first IT service management (ITSM). Traditional cloud‑based ITSM platforms that store data in foreign jurisdictions expose organizations to sudden geopolitical...

Encrypted RCS Messaging Support Lands in Apple’s iOS 26.4 Developer Build
Apple introduced end‑to‑end encrypted Rich Communication Services (RCS) messaging in the iOS 26.4 developer beta, extending the feature to iPadOS, macOS and watchOS in future updates. The encryption is currently limited to iPhone‑to‑iPhone conversations and depends on carrier support, with a...

Strengthening Your Legal Practice Against Downtime
South African law firms face steep financial and reputational losses from IT downtime, with a single hour costing an average R360,000 for a 20‑person practice and up to R6.5 million for larger firms. The article distinguishes disaster recovery (DR) from simple...

Crypto-Procrastination: The Dangerous Delay in Preparing for Post-Quantum Data Security
A Citi Institute report warns that a quantum‑enabled cyberattack on a top U.S. bank could jeopardize $2‑3.3 trillion of GDP, turning quantum computing from theory into an operational emergency. The article highlights the “harvest now, decrypt later” (HNDL) threat, where adversaries...

Odido Salesforce Hack: Up to 6M Customers’ Data at Risk
Odido, the Dutch telecom formerly known as T‑Mobile, suffered a social‑engineering breach that compromised its Salesforce instance, exposing personal data of up to six million current and former customers. Attackers phished employee credentials, impersonated the IT department, and gained unauthorized...

AWS Security Digest #248 - MCPs Denied
AWS introduced new IAM condition keys that specifically target requests routed through Managed Control Plane (MCP) servers, allowing administrators to deny actions taken via that path. The feature is designed to mitigate risks posed by AI agents that programmatically call...

Dutch Defence Secretary Boldly Claims F-35 Software Could Be ‘Jailbroken’
Dutch Defence Secretary Gijs Tuinman told Dutch radio that the F‑35’s software could potentially be “jailbroken,” hinting at a future where the Netherlands might operate the jet without U.S. approval. He stopped short of confirming any concrete plan, noting the...

Clustrauth API by Smart Banner Hub Offers Quantum-Safe Document Authentication with Flexible Pricing
Smart Banner Hub introduced the Clustrauth API, a REST service that provides NIST FIPS 204‑compliant, quantum‑safe document signing using a hybrid Ed25519 and ML‑DSA signature scheme. The API allows developers to sign files up to 50 MB with three lines of code...

EDPB and EDPS Weigh In on the Digital Omnibus: Personal Data, Breach Reporting, and AI Governance
The European Data Protection Board and the European Data Protection Supervisor issued a joint opinion on the EU’s Digital Omnibus, endorsing its goal to ease administrative burdens while flagging key concerns. They warn that a narrower, controller‑specific definition of personal...

OpenClaw in the Clinic: A Business Plan for HIPAA-Compliant Deployment of Agentic AI at Scale in Payer and Provider Organizations
The episode dissects OpenClaw, an open‑source, agentic AI platform that can autonomously interact with files, commands, and dozens of applications, and evaluates its viability for payer and provider health organizations. It explains why the default, unsecured version violates HIPAA, outlines...

Keeper Commander Introduces SuperShell™
Keeper Security launched SuperShell™, a full‑screen terminal user interface for Keeper Commander, available from version 17.2.7 onward. The TUI provides a split‑view vault browser with vi‑style keyboard shortcuts, searchable panes, raw JSON inspection, and live TOTP display. Designed for developers,...

On Misusing Transparent DNS Forwarders For Amplification Attacks
Researchers have identified transparent DNS forwarders as a potent, overlooked vector for reflective amplification attacks. Unlike traditional open resolvers, these forwarders relay queries without rewriting source IPs, allowing attackers to exploit shielded recursive resolvers and bypass rate‑limiting controls. Weekly Internet‑wide...

Black Duck Signs MSSP Agreement with Accenture
Black Duck announced a managed security service provider (MSSP) agreement with Accenture, designating the Black Duck Polaris platform as the standard tool for Accenture’s Application Security Practice. Polaris combines static, dynamic, and software composition analysis into a single SaaS offering,...

EU Commission Breach – The Importance of Upholding Strong Device Management Infrastructure
Last week the European Commission disclosed a cyberattack that compromised its mobile device management (MDM) platform, exposing staff names and phone numbers. Security experts from Huntress, Keeper Security, and CyberSmart warned that MDM systems are now a primary attack vector,...

Balancer DAO Caps Recovery Bounty at 10% After $128M Exploit
Balancer DAO approved a proposal (BIP‑908) to allocate up to 10% of any recovered assets as a bounty for the November exploit that siphoned roughly $128 million from its V2 pools. The vote achieved a 158% quorum, though only nine votes...

Quantum Communication Secured by Choosing Measurement Basis Offers Ultimate Privacy
Researchers have unveiled a one‑way quantum secure direct communication (QSDC) protocol that hides the secret in the choice of measurement basis—computational or Hadamard—rather than a pre‑shared key. Using finite ensembles of entangled EPR pairs and a public authenticated channel, the...

OQC Demonstrates Quantum Algorithm on Toshiko System, Boosting Defence Network Resilience
OQC and QinetiQ have demonstrated a quantum‑based solution that identifies critical vulnerabilities in Mobile Ad‑Hoc Networks used for military and emergency communications. By running QinetiQ’s Quantum Approximation Optimisation Algorithm on OQC’s Toshiko processor, the collaboration pinpointed nodes whose failure would...

Post-Quantum Encryption Bypasses Digital Certificates for Faster, More Secure 5G Networks
Researchers have introduced a post‑quantum identity‑based encryption framework that eliminates X.509 certificates for TLS in 5G core networks and Kubernetes environments. By deriving public keys from identity strings and employing lattice‑based primitives such as ML‑KEM and Module‑NTRU, the scheme offers...

Redefining Global Advisory: How Jeff Shapiro’s London Leadership Anchors HaystackID’s 2026 European Strategy
HaystackID announced on February 10, 2026 that Jeff Shapiro will serve as Managing Director for Europe, anchoring its Global Advisory practice in London. The appointment comes as the EU AI Act and Data Act enter critical enforcement phases, demanding localized...

Edinburgh Student Forum Spotlights Hybrid War Lessons
The University of Edinburgh and Kyiv National University hosted an online student forum that gathered Ukrainian and UK experts to dissect drones, disinformation, civil resilience, and energy security, showing how Ukraine’s war is reshaping European security thinking. Panels highlighted drone‑induced...

The Current State of RDAP
The IETF‑ratified Registration Data Access Protocol (RDAP) has entered a rapid growth phase after the mandatory whois sunset on 28 January 2025. Whois queries fell 60 % while RDAP queries surged from 7 billion to 65 billion per month, overtaking whois by June 2025. Adoption now...

Quantum-Proof Software Tools Tackle Looming Cyber Threats with Novel Adaptation Framework
Scientists warn that quantum computers threaten today’s cryptographic defenses, and simply swapping libraries will not suffice. Researchers led by Lei Zhang propose a new discipline—Quantum‑Safe Software Engineering—and introduce the Automated Quantum‑Safe Adaptation (AQuA) framework. AQuA’s three‑pillar approach tackles PQC‑aware detection,...