Imprivata Delivers Passwordless Access to Improve Security, Compliance, and Productivity
Imprivata has expanded its Enterprise Access Management platform with context‑aware passwordless authentication, AI‑powered risk signaling, and behavioral analytics. The new suite supports FIDO passkeys, facial recognition, and zero‑trust VPN‑less remote access, aiming to streamline access for frontline staff and knowledge workers. A recent Imprivata survey shows 85% of healthcare IT leaders view passwordless as mission‑critical, yet only 7% have fully adopted it, highlighting the need for integrated solutions. By unifying multiple authentication tools, Imprivata seeks to boost security, compliance, productivity, and reduce total cost of ownership.
Portnox Expands ZTNA with Passwordless Access for RDP, SSH, and Enterprise Consoles
Portnox has broadened its zero‑trust network access (ZTNA) platform to include passwordless connectivity for console‑based protocols such as RDP, SSH, VNC and Telnet. The expansion removes credential‑based authentication, a vector behind roughly 80 % of data breaches, while preserving a frictionless...
BloodHound Scentry Helps Organizations Reduce Identity Risk and Close Attack Paths
SpecterOps has launched BloodHound Scentry, a managed service that pairs the BloodHound Enterprise platform with seasoned security practitioners to fast‑track identity attack‑path management (APM). The offering delivers tailored remediation, monthly threat analysis, privilege‑zone design, OpenGraph extensions, and custom reporting, promising...
Trojanized 7-Zip Downloads Turn Home Computers Into Proxy Nodes
Malwarebytes discovered a trojanized version of the popular 7‑Zip installer that silently adds proxyware payloads, turning compromised home computers into residential proxy nodes. The malicious installer is hosted on a look‑alike domain (7zip.com) and is often reached through erroneous links...
Armis Centrix Brings Unified, AI-Driven Application Security to the SDLC
Armis introduced Centrix for Application Security, an AI‑driven platform that unifies vulnerability detection across the entire software development lifecycle. The solution scans source code, dependencies, container images and configuration files in unlimited languages, delivering context‑aware insights tied to the CI/CD...
DuckDuckGo Enables AI Voice Chat without Saving Voice Data
DuckDuckGo has integrated AI-powered voice chat into its Duck.ai assistant, allowing users to converse with the model using spoken input. The company emphasizes that audio streams are processed in real time and are not stored after the session, with encryption...
How AI Is Reshaping Attack Path Analysis
Cybersecurity teams are drowning in disparate findings, while adversaries leverage AI to craft rapid attack chains. By integrating AI with the MITRE ATT&CK framework, organizations can generate dynamic heat maps that surface coverage gaps and model realistic attack paths. Platforms...
What Happens when Cybersecurity Knowledge Walks Out the Door
Andrew Northern, Principal Security Researcher at Censys, argues that mentorship is vital for preserving institutional memory and judgment under pressure in cybersecurity teams. He warns that when senior defenders disengage, the tacit knowledge needed to protect legacy‑heavy environments evaporates quickly....
AI-Driven Scams Are Eroding Trust in Calls, Messages, and Meetings
AI agents are now automating the research and targeting phases of social engineering, turning weeks‑long preparations into minutes. This automation lowers both the skill threshold and cost for launching phishing and scam campaigns. Deepfake audio and video are being used...
Cybersecurity Jobs Available Right Now: February 10, 2026
February 2026’s cybersecurity job roundup lists 26 open positions across 12 countries, ranging from cloud security engineers to senior threat‑intelligence analysts. The roles cover cloud, AI, OT, and zero‑trust specializations, with many offering hybrid or fully remote work. Employers span consulting...
BeyondTrust Fixes Easy-to-Exploit Pre-Auth RCE Vulnerability in Remote Access Tools (CVE-2026-1731)
BeyondTrust has patched a critical pre‑authentication remote code execution flaw (CVE‑2026‑1731) affecting its Remote Support and Privileged Remote Access products. The vulnerability lets unauthenticated attackers run OS commands on vulnerable on‑premise deployments. SaaS customers received the fix on February 2 2026, while...
OpenAI Updates Europe Privacy Policy, Adding New Data Categories
OpenAI has refreshed its Europe‑facing privacy policy to align with the November 2024 EU revisions. The new document expands coverage to include files, images, audio, video, and contact data, while adding clearer sections on user controls such as opting out of...
United Airlines CISO on Building Resilience when Disruption Is Inevitable
United Airlines’ chief information security officer, Deneen DeFiore, explained how the carrier modernizes cybersecurity without jeopardizing safety‑critical aircraft systems. The airline wraps legacy platforms with modern identity, segmentation and monitoring controls while adding compensating resilience measures. United treats cyber risk...
Allama: Open-Source AI Security Automation
Allama is an open‑source security automation platform that lets teams build visual workflows for threat detection and response. It ships with integrations for more than 80 security tools, from SIEMs to ticketing systems, and leverages AI‑powered agents that can enrich,...
AI Agents Behave Like Users, but Don’t Follow the Same Rules
The Cloud Security Alliance report warns that autonomous AI agents are expanding faster than identity and access management (IAM) frameworks can keep up. Organizations still rely on static credentials such as API keys and shared accounts, while modern workload‑identity standards...
State-Backed Phishing Attacks Targeting Military Officials and Journalists on Signal
German authorities have identified a likely state‑backed hacking group targeting senior political figures, military officials, diplomats, and investigative journalists via the Signal messaging app. The attackers use two phishing variants: impersonating Signal support to solicit security PINs or verification codes,...
MintMCP’s Governance Platform Helps Organizations Deploy, Monitor, and Secure AI Agents
MintMCP introduced an enterprise governance platform that lets organizations deploy, monitor, and secure AI agents and MCP servers at scale. The solution offers one‑click MCP server provisioning, real‑time agent activity tracing, and configurable guardrails to block risky actions. It also...
February 2026 Patch Tuesday Forecast: Lots of OOB Love This Month
Microsoft’s February 2026 Patch Tuesday follows a heavy January with 92 Windows 11/Server 2025 and 79 Windows 10 vulnerabilities addressed. Three out‑of‑band (OOB) patches were released in January to fix remote‑desktop credential prompts, Outlook .pst cloud storage errors, and a zero‑day Office vulnerability...
Kasada Account Intelligence Combats Manual Fraud and Abuse
Kasada has launched Account Intelligence, a real‑time solution that detects manual, account‑level fraud and abuse before financial loss occurs. The product uses high‑fidelity device telemetry linked to account behavior, allowing early identification of credential abuse, promo fraud, and coordinated multi‑account...
Mobile Privacy Audits Are Getting Harder
Mobile privacy audits face verification gaps as apps hide data flows behind permissions and encrypted traffic. The new mopri framework combines static analysis of APKs with dynamic, user‑driven execution to capture real‑world network activity on Android devices. It offers modular...
The Hidden Cost of Putting Off Security Decisions
Hanah Darley, Chief AI Officer at Geordie AI, warns that postponing security decisions creates a hidden "visibility debt" that compounds over time. Each quarter without adequate insight allows shadow IT, legacy systems, and unmanaged assets to proliferate, leading to larger...
Microsoft Launches LiteBox, a Security-Focused Open-Source Library OS
Microsoft unveiled LiteBox, an open‑source library operating system designed to act as a secure kernel layer for protecting guest kernels through hardware virtualization. Developed alongside the Linux Virtualization Based Security (LVBS) project, LiteBox runs security‑critical code in a hardened, isolated...
AiStrike Introduces AI-Powered MDR to Reduce Costs and Alert Fatigue
AiStrike has launched AiStrike MDR, an AI‑powered managed detection and response service that replaces traditional human‑intensive SOCs with an AI‑led, expert‑guided model. The platform unifies threat intelligence, detection, investigation and response across cloud, endpoint and identity data, delivering automated triage...
Varonis Acquires AllTrue.ai to Enable Safe, Compliant AI at Scale
Varonis announced the acquisition of AllTrue.ai to embed AI‑specific visibility and enforcement into its data‑centric security platform. The combined solution gives enterprises real‑time insight into AI models, agents and shadow AI, while applying guardrails that enforce least‑privilege access and compliance....
Smart Glasses Are Back, Privacy Issues Included
After the failure of Google Glass, smart glasses are re‑emerging, led by the Ray‑Ban Meta collaboration that blends fashion with AI‑enabled camera and microphone. Harvard students showed the device’s video can be fed into facial‑recognition systems to identify strangers, while...
Cybersecurity Planning Keeps Moving Toward Whole-of-Society Models
National governments are reshaping cybersecurity into whole‑of‑society frameworks that link risk management, workforce development, technology standards, and cross‑sector coordination. Centralized authorities act as hubs for incident response, intelligence sharing, and international cooperation, while private operators remain pivotal for critical infrastructure...
Measuring AI Use Becomes a Business Requirement
A Larridin survey reveals a 16‑point visibility gap between executives and directors on AI usage, highlighting pervasive shadow AI and fragmented governance. Large enterprises run an average of 23 AI tools, yet only 38 percent maintain a comprehensive inventory, leaving many...
ConnectSecure Introduces Linux Patching Capability to Simplify Cross-Distro Updates
ConnectSecure unveiled a cross‑platform Linux patching capability that consolidates updates for Red Hat, Ubuntu, Debian, and CentOS into a single console. The tool automates kernel and OS patch identification and deployment, cutting manual effort by up to 80 %. It also introduces...
SECNAP CloudJacket MXDR Integrates SOC, SIEM, and NDR
SECNAP Network Security launched CloudJacket MXDR, a managed extended detection and response platform that unifies SOC, SIEM, and NDR functions under a single pane of glass. Built on the patented CloudJacket foundation, the solution adds multi‑tenant capabilities, AI‑augmented analyst workflows,...
Avast Brings Deepfake Scam Detection to Windows PCs and Mobile Devices
Avast announced the global rollout of its Scam Guardian and Scam Guardian Pro apps for Android and iOS, and introduced Deepfake Guard for Windows PCs. The new AI‑driven feature scans video audio in real time to detect malicious deepfake content, supporting...
Detectify Internal Scanning Finds and Fixes Vulnerabilities Behind the Firewall
Detectify introduced Internal Scanning, a tool that extends its external‑facing crawling and fuzzing engine into private networks, enabling security teams to locate and fix vulnerabilities behind the firewall with the same speed as external tests. The solution deploys via a...
Global Threat Map: Open-Source Real-Time Situational Awareness Platform
Global Threat Map is an open‑source platform that aggregates multiple public threat‑intelligence feeds into a live, animated world map showing malware, phishing, botnet and other malicious activity. The project publishes its data‑collection code on GitHub, offering full transparency of sources...
How Secure by Design Helps Developers Build Secure Software
The Center for Internet Security and SAFECode have published "Secure by Design: A Guide to Assessing Software Security Practices," a risk‑based manual that integrates security into every stage of the software development lifecycle. The guide aligns the NIST Secure Software...
Why Incident Response Breaks Down when It Matters Most
In a Help Net Security video, Jon David, Managing Director at NR Labs, explains why incident response often collapses during active breaches. He highlights that hesitation, poor escalation, and weak communication let attackers outpace defenders. The discussion emphasizes that trust,...
Auto Finance Fraud Is Costing Dealers up to $20,000 per Incident
Auto dealers are facing a growing fraud problem that can cost up to $20,000 per incident, according to Experian research. The most common schemes involve income and employment misrepresentation, followed closely by synthetic and third‑party identity fraud. Fraud often surfaces...
Download: Tines Voice of Security 2026 Report
Tines has released its Voice of Security 2026 report, based on a survey of more than 1,800 security leaders and practitioners worldwide. The study reveals that while AI adoption is accelerating across security teams, manual work, rising workloads and burnout remain...
Sandisk Brings SPRandom to Open Source for Large SSD Testing
SanDisk unveiled SPRandom, an open‑source preconditioning utility for large‑capacity enterprise SSDs. The tool, contributed to the fio benchmark suite, can shrink the time required to bring a 128 TB drive to steady state from over 144 hours to roughly six hours—a reduction...
Malwarebytes in ChatGPT Delivers AI-Powered Protection Against Scams
Malwarebytes has launched Malwarebytes in ChatGPT, embedding its threat‑intelligence engine into OpenAI’s chatbot to let users instantly assess scams, phishing links, and suspicious domains. The service draws on a continuously updated database that protects millions of devices, offering point‑by‑point analysis...
Span Cyber Security Arena 2026: Only 10 Days Left to Secure Early Bird Tickets
Span Cyber Security Arena 2026 will be held May 20‑22 in Poreč, Croatia, at the five‑star Pical Resort. The event features three days of conference sessions plus two pre‑conference masterclasses on May 18‑19 for engineers, architects, and consultants. Keynote speakers include...
Open-Source AI Pentesting Tools Are Getting Uncomfortably Good
Open‑source AI pentesting tools are reaching production‑grade performance, with BugTrace‑AI, Shannon, and the Cybersecurity AI Framework (CAI) each demonstrating distinct strengths in a lab test. BugTrace‑AI acts as a low‑noise reconnaissance assistant, flagging likely flaws without launching exploits. Shannon takes...
Where NSA Zero Trust Guidance Aligns with Enterprise Reality
The NSA released Phase One and Phase Two of its Zero Trust Implementation Guidelines, outlining 36 and 41 activities respectively to achieve 30 and 34 distinct capabilities. The guidance builds on earlier Primer and Discovery Phase documents and aligns with...
Pompelmi: Open-Source Secure File Upload Scanning for Node.js
Pompelmi is an open‑source toolkit that adds inline malware scanning to Node.js file‑upload handlers. It inspects files in memory, applying configurable policies on extensions, size, MIME types, and archive contents before any data reaches storage. The library offers pluggable scanning...
What Boards Need to Hear About Cyber Risk, and What They Don’t
Entrust CIO Rishi Kaushal explains how security leaders should brief corporate boards on cyber risk, linking cryptography, certificates, and authentication to tangible business outcomes such as revenue loss, outages, fraud, and regulatory exposure. He demystifies the digital‑trust layer, arguing that...
AI Is Flooding IAM Systems with New Identities
The Cloud Security Alliance reports that AI‑generated identities are being treated like traditional non‑human accounts, exposing them to the same IAM weaknesses such as credential sprawl and unclear ownership. AI systems create and retire identities at unprecedented speed, overwhelming legacy...
Microsoft Sets New Timeline for Sentinel Transition to Defender Portal
Microsoft has postponed the migration of Microsoft Sentinel from the Azure portal to the Microsoft Defender portal, setting a new sunset date of March 31 2027—about nine months later than originally planned. The shift responds to extensive customer and partner feedback requesting...
Arkose Titan Aims to Make Bot, Scraping, and AI Fraud Economically Unviable
Arkose Labs unveiled Arkose Titan, a unified platform that defends against both human‑driven and AI‑powered fraud, scraping, and bot attacks. The solution consolidates bot detection, device and email intelligence, API security, behavioral biometrics, and phishing protection into a single API...
EFF Calls Out Major Tech Companies on Encryption Promises
The Electronic Frontier Foundation (EFF) has launched the "Encrypt It Already" campaign, urging major tech firms to fulfill announced end‑to‑end encryption promises, enable encryption by default, and broaden encrypted storage. The initiative groups demands into three categories—Keep your promises, Defaults...
Apple’s New Privacy Feature Limits How Precisely Carriers Track Your Location
Apple introduced a new privacy setting called Limit Precise Location in iOS 26.3, which reduces the granularity of location data shared with cellular networks. When enabled, carriers can only determine a user’s approximate neighborhood rather than the exact address, while app‑level...
Wearable Tech Adoption Continues as Privacy Worries Grow
Over one billion people now wear fitness trackers that continuously collect health metrics, creating a massive stream of sensitive personal data. A recent Clutch survey shows 74% of users are worried about how this data is handled, while only 58%...
Virtue AI AgentSuite Enables Enterprises to Test and Secure AI Agents
Virtue AI has launched AgentSuite, a multi‑layer security and compliance platform designed for enterprise AI agents. The solution lets organizations test agents, enforce real‑time guardrails, and control tool access while providing full audit trails. IBM research shows 79% of enterprises...
