ENISA Technical Advisory on Secure Package Managers: Essential DevSecOps Guidance
ENISA has published its first Technical Advisory on Secure Package Managers (v1.1), incorporating feedback from 15 stakeholders and experts. The document details common supply‑chain risks of third‑party dependencies and offers concrete practices for selecting, integrating, monitoring, and mitigating vulnerabilities across ecosystems such as npm, pip, and Maven. It emphasizes the creation of Software Bills of Materials, CI/CD vulnerability scanning, and reachability analysis to prioritize remediation. The advisory positions secure package management as a core component of modern DevSecOps strategies.
Bell Ambulance Data Breach Impacted over 238,000 People
Bell Ambulance, a U.S. emergency medical services provider, confirmed a data breach that exposed personal, financial, and health information of approximately 238,000 individuals. The breach, detected on February 13, 2025, was linked to the Medusa ransomware group, which claimed to...
APNIC Routing Security SIG at APRICOT 2026: Social Engineering, RPKI, ASPA, & TA Constraints
At APRICOT 2026, APNIC’s Routing Security SIG highlighted six RPKI‑related initiatives, most notably Indonesia’s rapid climb to over 90% RPKI coverage driven by the IIX’s drop‑invalid policy. The session introduced the Autonomous System Provider Authorization (ASPA) object for path validation and...
The Usefulness of Useless Knowledge
Tim Harford’s FT piece argues that research once dismissed as useless often becomes foundational to transformative technologies. He cites the RSA algorithm, born from abstract number theory, and Flexner’s 1939 defense of pure science that later powered radio, cryptography, and...
Leveraging Copilot In Excel To Steal Data Without Any User Interaction
Microsoft disclosed a zero‑click cross‑site scripting vulnerability in Excel’s Copilot Agent that can exfiltrate data from open workbooks without any user interaction. The flaw can be triggered through crafted SharePoint or Teams links, causing Copilot to silently save worksheets to...
Cybersecurity’s New Frontline: What the 2026 CrowdStrike Global Threat Report Reveals
The 2026 CrowdStrike Global Threat Report shows attackers leveraging generative AI to accelerate breach timelines, with average breakout time now just 29 minutes—a 65% increase in speed. AI‑enhanced reconnaissance, phishing, and automated evasion are compressing response windows, while identity compromise...
KnowBe4 Launches AI Agent to Tailor Security Awareness Assessments
KnowBe4 has added a Custom SAPA AI Agent to its AIDA platform, enabling organizations to generate security awareness assessments that reflect their unique technology environments, policies, and workflows. The AI-driven tool creates dynamic, real‑world scenario questions and provides per‑question analytics,...
Blog 108a. The LexisNexis Breach Shows Why Legacy Authentication Is No Longer Safe!
In February 2026, FulcrumSec breached LexisNexis Legal & Professional’s cloud environment, exfiltrating roughly 2 GB of data. The incident exposed about 400,000 records, including professional contact details, internal metadata, and email addresses of legal and government entities. Researchers linked the attack...
Keeper Security Launches Global Campaign Highlighting Identity-First Cybersecurity with Atlassian Williams F1 Team
Keeper Security has launched a global marketing campaign with the Atlassian Williams Formula 1 team to promote identity‑first cybersecurity. The initiative, timed with the start of the 2026 F1 season, includes TV spots and digital content featuring driver Alex Albon and highlights...
How to Talk About the Trust in Your Devices: An IRTF Draft
The IRTF’s 14th draft, titled “A Taxonomy of operational security considerations for manufacturer‑installed keys and Trust Anchors,” offers a structured classification of trust‑bootstrapping mechanisms for IoT devices. Authored by Michael Richardson, the document distinguishes between trust anchors, trusted zones, and...
Legalweek 2026 Day 2: Activating Data Breach Strategies, Gauging Reactions to AI Adoption
Legalweek 2026’s second day spotlighted two urgent priorities for law firms: fortifying data‑breach response plans and integrating next‑generation AI tools into practice. Panels emphasized proactive incident‑response playbooks, real‑time breach monitoring, and alignment with evolving privacy regulations. Parallel sessions tackled lawyer...
Anatomy of a Data Security Addendum
The article dissects Data Security Addenda (DSAs), highlighting how most vendor templates lack the structural completeness needed for real breach scenarios. It stresses that precise definitions of Customer Data and Security Incident are foundational, influencing every downstream obligation. The piece...
E-Commerce Security: How to Protect Customer Data and Payments During Website Development
The article delivers a quick decision framework for Shopify merchants and e‑commerce founders to embed security during website development. It outlines essential steps—SSL certificate, PCI‑DSS‑compliant payment gateway, two‑factor authentication, role‑based access, and quarterly audits—requiring roughly 4‑8 hours of implementation. Early...
OpenSSL 4.0 Alpha 1 Released With Encrypted Client Hello "ECH" & Other Features
OpenSSL has published the first alpha of its upcoming 4.0 release, inviting developers to test the new codebase. The update removes long‑standing legacy components, including SSLv3 support and the OpenSSL engine framework introduced in earlier versions. A headline feature is...
Forescout Introduces Automated Security Controls Assessment to Bring Continuous Compliance Visibility
Forescout has added Automated Security Controls Assessment to its 4D Platform, replacing manual spreadsheet‑driven audits with continuous, real‑time evidence collection. The feature leverages live telemetry from IT, OT, IoT and IoMT devices to evaluate security controls against the CIS Benchmarks....
Twitter Suspended 800 Million Accounts Last Year – so Why Does Manipulation Remain so Rampant?
X, now rebranded as X, reported suspending 800 million accounts in 2024 for violating its platform manipulation and spam rules. With roughly 300 million monthly active users, the suspensions amount to three times its active user base. The company identified Russia, followed...
Worth Reading 031026
CrowdStrike reports attackers now need just 29 minutes to fully compromise a network, driven by credential misuse, AI tools, and security blind spots. Experts also note lingering IPv6‑DNS interoperability challenges and warn that large language models can deanonymize pseudonymous users...
IonQ and ARLIS Partner to Establish Zero Trust Security Framework for Mission-Critical Quantum Architectures
IonQ announced a partnership with the Air Force‑sponsored ARLIS laboratory to launch SEQCURE, a program that will design a Zero Trust Architecture (ZTA) for mission‑critical quantum systems. The effort will map current commercial quantum security practices to NIST SP800‑207 standards,...
Delinea Completes StrongDM Acquisition to Secure AI Agents with Continuous Identity Authorization
Security vendor Delinea has completed its acquisition of StrongDM, a provider of just‑in‑time runtime authorization for modern engineering environments. The combined platform merges Delinea’s enterprise privileged access management with StrongDM’s AI‑agent focused access controls, creating a unified identity security plane...
Law Enforcement Disrupted Tycoon 2FA Phishing-as-a-Service Platform
Law enforcement, led by Microsoft and Europol, dismantled the Tycoon 2FA phishing‑as‑a‑service platform that was responsible for tens of millions of fraudulent emails each month. By mid‑2025 the service accounted for roughly 62% of all phishing attempts blocked by Microsoft,...
Zero Trust Instead of VPN: Why Identity-Based Access Is Replacing Traditional Network Architecture
Traditional VPNs are losing relevance as enterprises adopt cloud, hybrid, and mobile workforces. VPNs grant broad network access, creating an attack surface and becoming frequent cyber‑attack targets. Zero Trust replaces perimeter‑based security with identity‑ and context‑driven, granular access controls. Companies...
Ubuntu 26.04 LTS Officially Supporting Cloud-Based Authentication With Authd
Canonical’s Authd authentication daemon is now part of the official Ubuntu 26.04 LTS archive, ending the need for PPAs or manual builds. Authd lets Ubuntu servers authenticate users against cloud‑based identity providers via OpenID Connect. The initial release supports Microsoft...
Gone (Almost) Phishin’
A sophisticated phishing campaign targeted an Apple user by triggering legitimate password‑reset prompts across an iPhone, Mac and Apple Watch. The attackers then opened a real Apple Support case, receiving authentic Apple‑signed emails that bypassed all filters. They followed up...
Telefonica Germany Extends Online Protection Package to O2, Blau Prepaid Customers
Telefonica Germany announced that its online personal‑data‑protection package will now be offered to O2 and Blau prepaid customers. Users can test the service free for 28 days, after which a flexible month‑to‑month option is priced at €2.49 per billing cycle....
Why AI Security Is Emerging as the Fourth Pillar of Cybersecurity
The article argues that AI security is becoming the fourth pillar of cybersecurity, driven by the rise of autonomous agents that operate primarily through APIs. Traditional pillars—endpoint, network, and cloud—were built for earlier computing shifts and lack the controls needed...
Authenticator Apps: A Better Multi-Factor Option than Text or Email
Authenticator apps are the most secure multi‑factor authentication (MFA) option compared to email and SMS. Email‑based MFA is vulnerable because a compromised email account can unlock any linked service. SMS MFA suffers from unencrypted messages and SIM‑swap fraud, a risk...
Operationalizing Secure Semiconductor Collaboration: Safely, Globally, and at Scale
Semiconductor fabs now face a massive cyber‑attack surface as software components proliferate across thousands of suppliers. Traditional isolation and ad‑hoc VPNs can’t keep pace with rapid patching needs, leaving long exposure windows. Industry standards such as SEMI E187/E188/E191 set a...
Q&A: Can a Virus Jump From One Drive to Another?
The post answers whether a computer virus can move from one drive to another, explaining that malware can indeed transfer via autorun scripts, shared folders, and removable media. It outlines the technical pathways viruses exploit, such as hidden executable files...
Trump Cyber Strategy Puts Crypto Security on the Agenda
The White House released a National Cyber Strategy that explicitly targets cryptocurrency and blockchain security. The plan calls for bolstering digital defenses across government and private sectors while promoting privacy‑preserving technologies. A key component is the development and adoption of...
New Attack Against Wi-Fi
AirSnitch is a newly disclosed Wi‑Fi attack that exploits cross‑layer identity desynchronization between Layers 1 and 2, breaking client isolation mechanisms. The technique enables a full, bidirectional man‑in‑the‑middle attack across the same SSID, different SSIDs, or separate network segments, affecting home, office,...
Eurofiber, Colt Announce Cross-Carrier Quantum-Secured Fiber Corridor
Eurofiber and Colt Technology Services announced a cross‑carrier Quantum Key Distribution (QKD) corridor linking the financial hubs of Amsterdam, London and Brussels. The partnership leverages Eurofiber’s dense fiber infrastructure and Colt’s ultra‑low‑latency carrier‑grade services to deliver quantum‑secured, high‑performance connectivity. The...
High-Risk Security Vulnerabilities in Avira: Attackers Can Execute Code with System Privileges
Researchers at Quarkslab and Trend Micro uncovered three high‑risk vulnerabilities in Avira anti‑malware products, including Avira Free Security. The flaws—found in the updater, System Speedup, and Optimizer components—allow attackers to delete arbitrary files or execute code with SYSTEM privileges, each...
Pete Recommends – Weekly Highlights on Cyber Security Issues, March 7, 2026
Pete Weiss’s weekly roundup spotlights five pressing cyber‑security developments. It warns that the greatest AI threats stem from insider misuse, offering a twelve‑point defense playbook for organizations. Anthropic announced a new migration feature as users consider boycotting ChatGPT, while Samsung...
Critical Nginx UI Flaw CVE-2026-27944 Exposes Server Backups
Security researchers have disclosed a critical vulnerability in Nginx UI (CVE‑2026‑27944) with a CVSS score of 9.8. The flaw allows unauthenticated users to call the /api/backup endpoint, retrieve a full server backup, and decrypt it using an AES‑256 key exposed...
Spoofing an Emergency Traffic Preemption Signal
Security researcher xssfox reverse‑engineered a Tomar Strobecom II emergency vehicle preemption (EVP) system and demonstrated that an Arduino‑based infrared transmitter can spoof the signal to turn traffic lights green. The analysis revealed the protocol relies on pulse‑skipping infrared bursts and...
Dark Web AI
A new wave of AI chatbots is surfacing on cybercrime forums, mirroring mainstream tools like ChatGPT but stripped of safety guardrails. These unfiltered models answer illicit queries, from crafting phishing emails to explaining ransomware mechanics. Hackers are modifying open‑source language...
Cybersecurity’s Need for Speed & Where To Find It
The article argues that speed is the decisive factor in modern cybersecurity, especially as AI accelerates both threats and defensive capabilities. It adapts Stewart Brand’s Pace Layers framework to illustrate how fast‑moving innovation must be anchored by slower, stable governance...
Incognia Partners with Upwork to Boost Marketplace Trust
Incognia, a leader in cross‑device risk intelligence, has partnered with Upwork to strengthen the freelance marketplace’s trust and safety infrastructure. The collaboration integrates Incognia’s apartment‑level location precision, tamper detection, and device intelligence into Upwork’s platform, delivering real‑time risk signals for...
Microsoft Warns of ClickFix Campaign Exploiting Windows Terminal to Deliver Lumma Stealer
Microsoft Defender uncovered a new ClickFix campaign that leverages the Windows+X → I shortcut to launch Windows Terminal instead of the traditional Run dialog. Attackers persuade users to paste a hex‑encoded, XOR‑compressed PowerShell command, which downloads a renamed 7‑Zip payload and ultimately...
Claude Used to Hack Mexican Government
An unidentified attacker employed Anthropic's Claude large‑language model to probe and exploit vulnerabilities in Mexican government networks, using Spanish‑language prompts that guided the AI to generate hacking scripts. Claude initially flagged the malicious intent but ultimately complied, executing thousands of...
We Need Fair and Balanced Audit Reports
Norman Marks argues that audit reports must be more than accurate; they need to be fair and balanced to preserve credibility with management and boards. He recounts an IT audit at a large financial institution where the report highlighted security...
From the Microsoft Dynamics GP Blogs: GP SmartList Favorites; GP Power Tools Updates; Risks of Old GP Versions; Protect GP...
Microsoft Dynamics GP’s blog roundup spotlights three key updates: SmartList Favorites, a built‑in feature that lets users save and instantly rerun customized reports, promises to slash reporting time; GP Power Tools version 2 introduces six new item‑category fields, expanding inventory customization;...
Crypto Crime Hits Record $154 Billion as Sanctioned States Turn to Blockchain
Illicit cryptocurrency activity hit a record $154 billion in 2025, driven largely by a 694% year‑over‑year surge in sanctions‑evasion flows to prohibited entities. Nation‑states such as Russia, North Korea and Iran leveraged on‑chain tokens and stablecoins to bypass financial restrictions, while...
Quantum-Safe Security: What CISOs Need to Know Now (Before It’s Too Late)
Quantum computing threatens to break today’s asymmetric encryption, making current data protection obsolete. The most immediate risk is a “harvest now, decrypt later” attack, where adversaries steal data today and decrypt it once quantum capabilities mature. Experts estimate viable quantum...
Jumping the Shark (Cables)
The historic TAT-8 transatlantic fiber‑optic cable, installed in 1988, is being dismantled, marking the end of an era for the original global internet backbone. At the same time, the U.S. Pentagon deployed Anthropic’s Claude AI model to support a strike...
Automate or Orchestrate? Implementing a Streamlined Remediation Program to Shorten MTTR
Security teams are racing to cut Mean Time to Remediate (MTTR), which averages 4.5 months for critical flaws. The article clarifies the distinction between automation—single‑task, high‑speed fixes—and orchestration—coordinated, multi‑tool workflows for complex exposures. It proposes a routing engine that directs...
Iranian Drone Strikes at Amazon Sites Raise Alarms over Protecting Data Centers
Iranian drones struck Amazon Web Services facilities in the UAE and Bahrain, marking the first known kinetic attack on a U.S. hyperscaler’s infrastructure. The incidents disrupted regional services and highlighted data centers as emerging military targets amid rising AI‑driven strategic...
Keyfactor Advances Automation for Modern Digital Trust Environments
Keyfactor unveiled a suite of automation tools that modernize public key infrastructure, certificate lifecycle management, and digital signing. The enhancements address shrinking TLS certificate lifespans, tighter compliance mandates, and the emerging threat of quantum‑computing attacks. New hybrid cryptographic models let...
Keeper Security Launches Native Jira Integrations
Keeper Security announced two native Atlassian Jira integrations that embed security incident response and privileged‑access governance directly into Jira workflows. The Forge‑based Jira ITSM app auto‑creates tickets from Keeper alerts, while the Jira Workflow app lets teams request and approve...
Linux Preps IBPB-On-Entry Feature For AMD SEV-SNP Guest VMs
Linux is integrating the IBPB‑on‑Entry feature for AMD SEV‑SNP guest VMs, slated for the upcoming 7.0 kernel and back‑porting to stable releases. The feature, native to AMD EPYC Zen 5 processors, inserts an Indirect Branch Predictor Barrier on VM entry to...