Hid-Omg-Detect: Linux Driver In Development To Detect Malicious HID Devices
Zubeyr Almaho is spearheading a new Linux kernel driver called hid‑omg‑detect, designed to passively monitor and flag potentially malicious HID peripherals such as compromised keyboards and mice. The driver evaluates low‑level signals like keystroke‑timing entropy, immediate post‑enumeration typing, and suspicious vendor/product IDs, issuing warnings when thresholds are crossed. It does not block devices itself but can work with user‑space tools like USB Guard to enforce blocks. The code is currently under review on the Linux kernel mailing list.
ESP32-S3 Gets Post-Quantum Encryption with Aethyr Edge Node Open-Source Firmware
Aethyr Research has released open‑source firmware for ESP32‑S3 that adds post‑quantum encryption using ML‑KEM‑768, BLAKE3, and XChaCha20‑Poly1305. The firmware boots in 2.1 seconds and completes a full PQC handshake in 35 ms, with an 833 KB flash footprint and 157 KB free SRAM. It...
Android 17 Upgrades the Boot Chain for the Quantum Age: Google Is Embedding Post-Quantum Cryptography Deep Within the System
Google announced that Android 17 will embed post‑quantum cryptography (PQC) across its core security stack, including Verified Boot, Remote Attestation, and the Android Keystore. The implementation relies on NIST‑approved lattice‑based algorithms such as ML‑DSA‑65 and ML‑DSA‑87, with testing slated for the...
Pete Recommends – Weekly Highlights on Cyber Security Issues, April 6, 2026
April 2026 saw a wave of cyber‑security concerns spanning covert AI‑driven content harvesting, regulatory crackdowns, and evolving threat vectors. WebinarTV was exposed for secretly recording Zoom webinars and turning them into AI podcasts, while the FCC announced a ban on...
Introduction to Risk Management: A Complete Guide for Security Professionals
Dr. Erdal Ozkaya’s free guide delivers a complete, step‑by‑step introduction to cyber risk management, covering definitions, the seven core concepts, quantitative formulas, and the NIST Risk Management Framework. It shifts security teams from reactive alert firefighting to strategic decision‑making by...
How to Back up Your Phone, Photos and Computer without Overthinking It
The article demystifies data backup by urging readers to adopt a single, reliable copy rather than the complex 3‑2‑1 rule. It walks through practical solutions for home‑based NAS storage, photo archiving via Google Takeout or iCloud, and automated computer backups...
IBM Highlights Agentic AI Security Gaps at RSA Conference
At RSA’s 2024 cybersecurity conference, over 43,000 attendees highlighted the rise of agentic AI, yet few vendors offered end‑to‑end security solutions. IBM executives warned that AI agents change behavior at runtime, expanding attack surfaces and exposing a critical gap in...
Apple Releases iOS 18 Security Updates for iOS 26 Holdouts
Apple began rolling out iOS 18.7.7 on April 1, delivering critical security patches to every device still running iOS 18, even those capable of upgrading to iOS 26. The update addresses high‑profile exploits such as DarkSword and Coruna, allowing users...
How Hackers Faked a Zombie Apocalypse Alert on Live TV
On February 11, 2013, hackers infiltrated the Emergency Alert System (EAS) of at least five U.S. television stations and aired a fabricated warning that the dead were rising and attacking the living. The fake alert first appeared on KRTV in...
New Presidential Executive Order Targets Transnational Cybercrime
In March 2026 President Trump signed an Executive Order targeting transnational cybercrime, directing the State, Treasury, War, Homeland Security and Justice departments to produce a coordinated action plan by July. Fraud losses have surged 430% since 2020, with AI‑driven scams...
Enforcers Project Plans to Strengthen European Cybersecurity
The EU‑funded Enhanced Cooperation for Cybersecurity (Enforcers) project launched in February, bringing together manufacturers, security providers, and research institutes to build a unified platform for industrial automation protection. The system will interconnect private SOCs, trusted hardware anchors, automated mitigation playbooks,...
Tönnjes Offers New RFID Security Solutions for Vehicle Identification
Tönnjes, in partnership with Swiss chip maker EM Microelectronic, unveiled a next‑generation hybrid RFID/NFC chip for vehicle identification at Intertraffic in Amsterdam. The dual‑frequency tag combines long‑range RAIN RFID with smartphone‑compatible NFC, featuring AES‑128 encryption and expanded memory for secure,...
DataCore Launches Swarm Appliance to Address Cyber Resilience and Compliance for the Edge
DataCore Software introduced the Swarm Appliance, a turnkey object‑storage solution designed for edge and remote‑office (ROBO) environments. The appliance consolidates data protection, archiving, and long‑term retention while embedding immutability, encryption, and malware detection. It aims to simplify compliance and cyber‑resilience...
Rubrik Rolls Out Industry’s First Semantic AI Governance Engine
Rubrik unveiled its Semantic AI Governance Engine (SAGE), the first industry‑wide solution that uses a custom small language model to interpret natural‑language policies and control autonomous agents in real time. The engine replaces static rule‑sets with intent‑driven governance, enabling the...
Data Protection Reinforced with Veeam Backup and NGX Storage Partnership
Veeam announced a partnership with NGX Storage, whose solutions have earned Veeam Ready‑Repository and Ready‑Object certifications. The accreditation confirms NGX’s compatibility as a file, block, or object backup target for Veeam Backup & Replication. Together, the two firms promise faster...
CloudCasa Joins Nutanix Kubernetes Platform (NKP) Partner Catalog, Expanding Data Protection for Kubernetes Users
CloudCasa by Catalogic is now listed in the Nutanix Kubernetes Platform (NKP) Partner Catalog, delivering Kubernetes‑native backup, disaster recovery, and migration tools to NKP users. The integration lets organizations protect persistent data, cluster resources, and applications across on‑prem, edge, and...
Coralogix and Skyflow Redefine Privacy-Safe Observability for the AI Era
Coralogix and Skyflow have formed a strategic partnership to deliver privacy‑safe observability for enterprises. By replacing redaction with consistent tokenization, the solution keeps sensitive customer data out of logs while preserving full searchability and correlation. The joint offering supports AI‑driven...
Company that Secretly Records and Publishes Zoom Meetings
A new service, WebinarTV, is automating the recording of Zoom meetings and generating AI‑driven transcripts and summaries without informing participants. Unlike archival tools such as the Internet Archive, the company profits from bulk capture of live video calls. The practice...
Your Token Was Stolen. Now What?
The article warns that stolen JWTs let attackers impersonate users until the token expires, exposing a critical weakness in many API authentication flows. It outlines the typical login sequence, then highlights how tokens stored in insecure locations or with long...
TCCA White Paper Gives Direction on Building Cybersecurity Into Critical Communications
The Telecoms Critical Communications Association (TCCA) has published its first white paper on cybersecurity for mission‑critical broadband networks, marking a key step toward securing 4G and 5G‑enabled communications. The document outlines international standards, frameworks and deployment models, and stresses the...
Digital Forensics and Incident Response (DFIR): A CISO’s Guide
Digital Forensics and Incident Response (DFIR) combines evidence collection with threat containment, forming a critical capability for CISOs. The guide outlines core functions—evidence preservation, malware and network analysis, and emerging cloud forensics—while stressing the need for pre‑enabled logging. It recommends...
OT Network Segmentation: A Practical Guide for Security Teams
Network segmentation is the most effective control for safeguarding operational technology (OT) environments, limiting attackers to isolated zones rather than allowing lateral movement. Implementing segmentation in OT differs from IT because industrial protocols and legacy equipment resist typical firewall solutions...
Incident Response Planning for Business Continuity
Organizations lacking a tested incident response plan face escalating costs, reputational damage, and evidence loss during cyber attacks. The article outlines the NIST incident response lifecycle—preparation, detection, containment, and post‑incident review—and stresses integrating business continuity to meet recovery time objectives....
Quantum Encryption’s Hidden Weakness Exposed by New Eavesdropping Attack
Researchers at the School of Physics and Astronomy have unveiled a new eavesdropping technique called Manipulate-and-Observe that targets the classical reconciliation phase of quantum key distribution (QKD). By intercepting between 0% and 11% of photons and injecting subtle errors, the...
The DOJ’s Cyber FCA Playbook Is Working as Enforcement Triples and Shows No Signs of Slowing
The Department of Justice’s cyber fraud initiative has accelerated, with nine False Claims Act settlements in FY 2025 totaling more than $52 million—a three‑fold increase over the prior two years. Enforcement targets misrepresentations of cybersecurity compliance rather than actual data breaches, implicating...
How Ecommerce Brands Should Budget for Penetration Testing in 2026 Without Under-Scoping Risk
E‑commerce brands in 2026 must treat penetration testing as a revenue‑protection expense rather than a simple compliance line‑item. Modern stacks combine headless front‑ends, APIs, third‑party services, and mobile apps, expanding the attack surface far beyond the public storefront. Budgeting errors...
What Internal Audit Needs to Know About Zero Trust Architecture
Zero Trust Architecture (ZTA) is reshaping security by demanding continuous verification of users, devices, and connections rather than trusting network perimeters. Internal auditors must evaluate ZTA implementations against standards such as MFA enforcement, least‑privilege access, micro‑segmentation, and immutable logging to...
Amazon’s AWS Bahrain Data Center Damaged in Iranian Strike, Second Disruption in a Month
Amazon Web Services’ Bahrain data center was hit by a fire after an Iranian strike, confirmed by Bahrain’s Interior Ministry. The incident follows a prior outage in the same region last week, marking the second AWS disruption in a month....
Windows Security App Gains Secure Boot Certificate Status Ahead of Major Certificate Refresh
Microsoft is quietly updating Secure Boot certificates that were issued in 2011 and will expire in June 2026. The new certificates are being delivered through Windows Update and become visible in April 2026 via a badge in the Windows Security...
The One-Time Pad Edition
The one‑time pad (OTP) is the only encryption method proven to be perfectly secret, but its practicality hinges on flawless key management. The key must be truly random, as long as the message, and never reused, turning the cipher into...
OT vs IT Security: Why Industrial Environments Need Different Protection
The 2021 Oldsmar water‑treatment hack exposed how connected operational technology (OT) can be weaponised, highlighting the stark contrast between OT and traditional IT security. In OT, availability outweighs confidentiality, because a brief outage can trigger safety incidents or regional blackouts....
A Quantum Apocalypse Is Coming for the Internet
Google’s quantum research team released a white paper showing it can break 256‑bit elliptic‑curve cryptography using roughly 20 times fewer physical qubits than previously estimated. The breakthrough threatens the cryptographic foundations of most blockchains and many internet security protocols. The article...
Possible US Government iPhone Hacking Tool Leaked
Google researchers disclosed a sophisticated iPhone exploit kit called Coruna, which chains 23 iOS vulnerabilities to silently install malware via compromised websites. Evidence points to the toolkit’s origins in the U.S., specifically the Trenchant division of defense contractor L3Harris. Former...
Axios Hack Exposes AI-Coding’s Dependency Problem
Hackers breached the npm account for the widely used JavaScript library Axios, injecting malicious code that was downloaded millions of times before being pulled. The incident follows a similar supply‑chain attack on the LiteLLM PyPI package, highlighting how AI‑coding tools...
Libinput Hit By Worrying Security Issues With Its Lua Plug-In System
Libinput added a Lua‑based plug‑in system in version 1.30 to let developers customize device events. Security researchers have now uncovered two critical flaws—CVE‑2026‑35093, a sandbox‑escape that loads unverified bytecode, and CVE‑2026‑35094, a use‑after‑free bug. Both affect the widely deployed input...
Hashing, Encryption, and Tokenization Explained: How Each One Protects Data Differently
The article breaks down hashing, encryption, and tokenization, explaining how each technique transforms data to protect it. It highlights hashing as a one‑way function ideal for password storage, encryption as a reversible process that secures data in transit, and tokenization...
Instagram Removing End-to-End Encryption: A Precision Harvest
Meta announced it will terminate end-to-end encryption for Instagram direct messages on May 8, arguing the feature sees low adoption. Despite Instagram’s billions of users, the change sparked virtually no public outcry or organized boycott. Critics say the move reflects...
Fireside Chat: AI Agents Are Reshaping Mobile Attacks — and Exposing Weak API Trust Models
At RSAC 2026, Approov CEO Ted Miracco warned that AI agents are taking over routine mobile‑app actions, fundamentally changing how requests reach backend APIs. Because APIs were built to trust human‑generated patterns, attackers can train AI to imitate those patterns...
Exclusive: Verlata Partners with ActiveNav to Tackle Unstructured Data Risks for Law Firms
Verlata Consulting has partnered with data‑discovery specialist ActiveNav to offer law firms a joint solution for locating, governing, and securing unstructured content stored outside traditional document‑management systems. ActiveNav Cloud scans network shares, cloud storage and local drives, classifying files and...
Is “Hackback” Official US Cybersecurity Strategy?
The White House’s 2026 Cyber Strategy for America adopts a more aggressive tone, explicitly urging the private sector to identify and disrupt adversary networks. This language is interpreted as an endorsement of “hack‑back” – allowing companies to conduct offensive cyber...
PQShield Clears Path for ML-KEM Inclusion in Japan’s National Cryptographic Standard
PQShield has completed an external evaluation of the NIST‑approved ML‑KEM algorithm for Japan’s CRYPTREC body, clearing the way for its inclusion on the national Ciphers List. This milestone accelerates the adoption of quantum‑safe encryption across Japanese government, infrastructure, and technology...
Cybersecurity Is The Responsibility Of The Board & Not An Afterthought
Family businesses face heightened cyber risk due to legacy systems, informal processes and a culture of trust that can be exploited by phishing and CEO‑fraud attacks. The article argues that cybersecurity must move from an afterthought to a board‑level governance...
H33.ai Introduces HICS to Provide Mathematically Verifiable Software Security Scores
H33.ai unveiled HICS (H33 Independent Code Scoring), a free platform that generates mathematically verifiable software security scores using STARK zero‑knowledge proofs and Dilithium post‑quantum signatures. The tool evaluates code across five dimensions and issues a .h33 certificate containing a SHA3‑256...
Storware Releases Backup and Recovery v7.5 with Platform9 Integration and Expanded OpenStack Migration Support
Storware announced Backup and Recovery 7.5, adding native Platform9 Private Cloud Director integration and expanding V2V migration to Citrix Hypervisor and XCP‑ng. The release also brings full Nutanix v4 API support, Proxmox compatibility with Ceph v19 and synthetic backups, and performance enhancements...
Kingston Introduces Next-Gen XTS-AES 256-Bit Hardware-Encrypted Up to 256GB USB Drive
Kingston Digital unveiled the IronKey Locker+ 50 G2, a hardware‑encrypted USB flash drive featuring FIPS 197‑certified XTS‑AES‑256 encryption. The device offers BadUSB protection, brute‑force lockout, and dual admin/user passwords with complex or passphrase modes. Available in 32 GB to 256 GB capacities, it delivers up...
NinjaOne Revolutionizes Vulnerability Management with AI-Driven Assessment to Reduce Risk Faster
NinjaOne launched NinjaOne Vulnerability Management, an AI‑driven module embedded in its Unified IT Operations Platform that delivers continuous, real‑time vulnerability detection and automated patching for Windows and Linux endpoints. The solution replaces periodic scans with server‑side analytics, providing always‑current risk...
Blog 111a. Banking’s Identity Problem: Why Digital Cards and Instant Payments Need a Human-Verified Security Layer
The article argues that modern banking’s security still leans heavily on credentials, sessions, and device identifiers, leaving digital cards and instant payments exposed to fraud. It highlights regulators’ push for layered authentication yet notes that criminals routinely bypass these controls...
A Taxonomy of Cognitive Security
K. Melton introduced a five‑level taxonomy of cognitive security, framing the brain as a layered system akin to IT architecture. The NeuroCompiler—mirroring Kahneman’s System 1—interprets raw sensory input before conscious awareness and can route outputs directly back to behavior, creating a...
SentinelOne Autonomous Detection Blocks Trojaned LiteLLM Triggered by Claude Code
SentinelOne’s AI‑driven endpoint platform automatically detected and halted a supply‑chain attack that leveraged a compromised LiteLLM package. The malicious chain was triggered after an AI coding assistant installed the tainted library, leading to hidden Python code execution, data theft and...
Free VPNs Leak Your Data While Claiming Privacy
Recent research by MysteriumVPN examined 18 of the most downloaded free Android VPN apps and found pervasive privacy violations. Nearly all apps embed multiple third‑party trackers and request dangerous permissions unrelated to VPN functionality, while many connect to hard‑coded servers...