Recent Posts
News•Mar 1, 2026
Exposing a Fraudulent DPRK Candidate
Nisos uncovered a suspected North Korean operative who applied for a remote Lead AI Architect position using stolen personal data, a newly created email, and an AI‑generated résumé. The investigation revealed a broader employment‑fraud network that operated a laptop farm in Florida, leveraging Raspberry Pi‑based IP‑KVM devices and mesh‑VPN services such as Tailscale. The operative’s tactics included Astrill VPN usage, VoIP phone numbers, multiple fabricated résumé profiles, and AI‑driven interview responses. Nisos’ OSINT‑driven due‑diligence exposed these tactics, highlighting the evolving threat of state‑sponsored cyber talent pipelines.
By Security Boulevard
News•Mar 1, 2026
NDSS 2025 – MTZK: Testing And Exploring Bugs In Zero-Knowledge (ZK) Compilers
Researchers from Hong Kong University of Science and Technology introduced MTZK, a metamorphic testing framework designed to assess the correctness of zero‑knowledge (ZK) compilers. By applying systematically generated input mutations, MTZK automatically checks whether compiled circuits preserve intended semantics. In...
By Security Boulevard
News•Feb 28, 2026
Why EasyDMARC Is the Best Enterprise DMARC Solution
EasyDMARC positions itself as the premier DMARC platform for large enterprises, offering automated SPF, DKIM, and DMARC configuration, centralized monitoring, and intuitive reporting dashboards. The solution tackles the complexity of managing hundreds of domains, third‑party senders, and global email infrastructures...
By Security Boulevard
News•Feb 28, 2026
NDSS 2025 – JBomAudit: Assessing The Landscape, Compliance, And Security Implications Of Java SBOMS
The NDSS 2025 paper JBomAudit presents the first systematic study of Java Software Bill of Materials (SBOMs), analyzing 25,882 SBOMs and their associated JAR files. It finds that 7,907 SBOMs (about 30%) omit direct dependencies, and 4.97% of those hidden...
By Security Boulevard
News•Feb 28, 2026
IOS Penetration Testing: Definition, Process and Tools
iOS penetration testing is a structured methodology for uncovering and exploiting security flaws in iOS applications, typically spanning preparation, static and dynamic analysis, reverse engineering, exploitation, and reporting. Recent data shows engagements cost between £2,000 and £50,000 and require 10‑20...
By Security Boulevard
News•Feb 27, 2026
What Is the Role of AI in Driving Cybersecurity Innovation
Non-Human Identities (NHIs) are becoming central to cybersecurity as organizations accelerate digital transformation. By managing machine identities, tokens and keys throughout their lifecycle, companies can reduce breach risk, improve compliance, and automate secret rotation. AI‑driven platforms add context‑aware detection, enabling...
By Security Boulevard
News•Feb 27, 2026
How Do Leaders Ensure AI System Safety and Compliance
Leaders are urged to prioritize Non‑Human Identities (NHIs) – machine identities such as tokens, keys and certificates – as a core component of AI system safety and regulatory compliance. The article outlines how inadequate discovery, classification and secret rotation create...
By Security Boulevard
News•Feb 27, 2026
How to Do Email Analysis ? Complete Guide
Email remains the top vector for cyber‑crime, with attackers increasingly bypassing gateways by exploiting trusted domains and crafting seemingly routine messages. The guide outlines a seven‑step, evidence‑driven process—collecting full headers, parsing authentication results, and analyzing content and attachments—to differentiate legitimate...
By Security Boulevard
News•Feb 27, 2026
Cyberattacks on Hospitals Cost Lives. Here’s How to Fight Back at Machine Speed.
Morpheus is an AI‑driven platform that ingests alerts from a hospital’s existing security stack—SIEM, EDR, firewalls, NDR, email security, DLP and identity tools—and stitches them into a single ransomware kill‑chain view. By correlating these signals, it can surface an attack...
By Security Boulevard
News•Feb 27, 2026
NDSS 2025 – CASPR: Context-Aware Security Policy Recommendation
The paper presented at NDSS 2025 introduces CASPR, a context‑aware system that automatically recommends and refines SELinux security policy rules. By aggregating policy rules, file locations, audit logs, and attribute data, CASPR extracts features, clusters types with K‑means, and generates...
By Security Boulevard
News•Feb 27, 2026
The Key Components of a Vendor Relationship Management Framework
The rise of distributed supply chains has turned vendors into ongoing operational dependencies, prompting the need for a structured Vendor Relationship Management (VRM) framework. By distinguishing day‑to‑day vendor management from strategic Supplier Relationship Management, companies can ensure reliability while fostering...
By Security Boulevard
News•Feb 26, 2026
HackerOne Adds AI Agent to Validate Vulnerabilities
HackerOne introduced an AI agent that automatically validates reported vulnerabilities, distinguishing real threats from false positives. The agent, built on the Hai platform and trained with a Continuous Threat Exposure Management methodology, assesses risk, identifies duplicates, and recommends remediation priorities....
By Security Boulevard
News•Feb 26, 2026
Fake Zoom and Google Meet Scams Install Teramind: A Technical Deep Dive
A fake Zoom update and a parallel Google Meet impersonation are delivering the same Teramind monitoring MSI to Windows PCs. The installer’s filename contains a unique 40‑character hex string that the MSI parses at install time to set attacker‑specific instance IDs,...
By Security Boulevard
News•Feb 26, 2026
Can Agentic AI Effectively Handle Enterprise Security Needs
Enterprises are turning to Non‑Human Identity (NHI) management to close security gaps created by machine‑generated accounts and their secrets. By automating discovery, classification, monitoring and decommissioning, organizations can reduce breach exposure while cutting operational costs. Centralized NHI platforms deliver real‑time...
By Security Boulevard
News•Feb 26, 2026
Does Implementing Agentic AI Fit the Budget of SMBs
Non‑human identities (NHIs) such as machine‑generated secrets are becoming a critical attack surface, prompting organizations to adopt comprehensive NHI management across discovery, classification, detection and remediation stages. Effective NHI programs deliver reduced breach risk, regulatory compliance, and operational efficiencies through...
By Security Boulevard
Deals•Jan 28, 2026
Radware Acquires Pynt to Bolster API Security Testing
Radware announced this week that it has acquired Pynt, a provider of API security testing tools. The acquisition will expand Radware's API security platform with design and testing capabilities, enhancing its offering for cybersecurity teams.
Security Boulevard
Deals•Jan 18, 2026
ICE Acquires Tangles Social‑Media Monitoring Tool to Boost Surveillance
U.S. Immigration and Customs Enforcement (ICE) has recently acquired the social‑media monitoring tool Tangles, expanding its surveillance capabilities. The acquisition, highlighted in a recent report, complements ICE's existing system that includes the Webloc tool. Deal terms and value were not...
Security Boulevard
Deals•Jan 18, 2026
Merge Labs Raises $252M to Link Brains and Computers
Merge Labs, a brain‑computer interface startup co‑founded by AI entrepreneur Sam Altman, announced a $252 million fundraising round to develop devices that connect human brains to computers. The capital will be used to advance medical applications before expanding to consumer products.
Security Boulevard