Phishing Tactics Shift From Freebies to Political Pitches
Evolution of phishing scams: -“Click here to redeem a free iPhone” -“This is USPS. We’re holding your package” -“Vote for me to co-host a podcast”
Treat Dependencies as External Attack Surfaces, Upgrade Tooling
Your Dependencies Are Someone Else's Attack Surface https://t.co/zDbAITTE9f < good post with cause for optimism at the end. But we need to apply better skills/services to agent tooling to stay diligent when building
Simple Closure Launches Asset Hub to Sell Legacy Data
a company called @simple_closure that helps startups wind down is launching "asset hub", which is a marketplace to sell all the old slack/email data apparently they are working on hardening the PII removal tech for this
Agentic AI Security Needs Layered, Integrated Defenses
We keep asking how to solve agentic security as if there is a single answer, but most of the conversations I am having suggest it is a combination of least privilege, access controls, monitoring, and good architecture. The question might not...
New AI TUIs May Expand Attack Surface via React
I know there are some new TUIs coming out for AI development but I’m concerned about increasing the attack surface with web technologies like react. Securing AI is hard enough as it is.
World Cup Partners Neglect Strong DMARC Domain Protection
Some World Cup partners are not actively protecting their domain name with the strongest DMARC policy. https://t.co/Q4k3WpQ9hb
Russia Caps Bandwidth, Forcing VPN Filters or Price Hikes
Russia’s fight against digital privacy escalates as internet providers agree to freeze the expansion of cross-border channels into Europe. By capping international bandwidth, authorities aim to force telecom operators to either filter VPN traffic or hike prices, making it harder...
OpenAI Chooses CrowdStrike for Defender‑Focused AI Security
The top AI labs are building for defenders now. Today @OpenAI selected CrowdStrike for their Trusted Access for Cyber program. CrowdStrike continues to lead the market in secure AI adoption, trusted by AI leaders and organizations of all sizes to accelerate...
Mid‑Market Firms Must Close Compliance Gaps Now
Mid-market regulated firms are sitting on a compliance gap. PHI/PII pipelines built for speed, not governance. DLT expectations. Unity Catalog policies. On-call ownership. Most have one layer. Few have all five. Build it right once. Outrun the audit.
Small Businesses Need Post‑quantum Encryption Now
Even if you’re a small business, your data has long-term value. Cybercriminals are hoarding encrypted data, betting quantum computers will crack it. Post-quantum cryptography (PQC) and PQC-ready vendors are the defense today. https://t.co/JCn5eZDeii
AI Revives Early‑2000s 0‑Day Chaos
Has AI brought back the early 2000s? People can find and exploit 0days easily. Hackers angry at Microsoft are dropping 0day. Frosted tips are cool again (ok, that one would mean the apocalypse)
SMBs Know Basics; Prioritize What Truly Matters
For SMBs, cybersecurity is rarely a knowledge problem. Most teams know the basics. The challenge is figuring out what actually matters for their business and doing that well.
Scammers Clone Slack Downloads to Distribute Silent Malware
Scammers are cloning Slack download pages almost perfectly. Same layout, same buttons, and the same Download experience. You have to install. But instead of Slack, you end up with malware running quietly in the background.
Future‑Proof Chains Must Be Quantum‑Resistant, Regardless of Timeline
Whether you believe quantum computers will become reality as soon as 2029 or decades from now, it doesn't matter. The potential alone will scare people, and there will come a point when whatever you're building will have to be quantum...
If You Worry About Windows Privilege Escalation, Your Security Fails
Repeat after me: Your security program is not good enough to have to worry about escalation of privilege on Windows
