NDSS 2025 – TrajDeleter: Enabling Trajectory Forgetting In Offline Reinforcement Learning Agents
The episode discusses TrajDeleter, a novel method for trajectory unlearning in offline reinforcement learning (RL) agents, presented by researchers from the University of Virginia and the Chinese Academy of Sciences. TrajDeleter trains agents to degrade performance on states from specific, unwanted trajectories while preserving overall competence on remaining data, and introduces TrajAuditor to verify successful forgetting. Experiments across six offline RL algorithms and three tasks show the approach removes about 94.8% of targeted trajectories using only 1.5% of the time required for full retraining, maintaining strong real‑world performance.

Employment Fraud & Hiring Risk: When Access Becomes Risk
The episode explores how employment fraud transforms hiring into a security risk, highlighting that in today’s remote, AI‑driven workforce, malicious actors can fabricate identities and gain trusted access before any internal controls engage. It explains that static background checks are...

Why Protecting Your Phone Number Matters for Online Security
Phone numbers are increasingly used as digital identifiers for account recovery, two‑factor authentication, and user verification, making them a prime target for attackers. The article outlines how numbers become publicly accessible through social profiles, directories, data breaches, and app permissions....

Real-Time Blackhole List – How to Remove an IP From It?
Email senders increasingly encounter DNS‑based Real‑Time Blackhole Lists that block IPs suspected of spam, phishing, or compromised servers. When an IP lands on a blacklist, major ESPs reject or filter messages, causing bounce errors, silent drops, and plummeting engagement metrics....

NSFOCUS Unveils Enhanced AI LLM Risk Threat Matrix for Holistic AI Security Governance
NSFOCUS announced an upgraded AI LLM Risk Threat Matrix, adding 14 new threat categories that focus on AI agent, multimodal, and Multi‑Agent Communication Protocol (MCP) vulnerabilities. The matrix expands coverage across identity, application, model, data, and infrastructure security throughout the...

Radware Acquires Pynt to Add API Security Testing Tool
Radware announced the acquisition of Pynt, a specialist in API security testing tools, to broaden its API protection portfolio. The Pynt suite will remain available as a standalone product while being tightly integrated into Radware’s existing API Security Service. This...

NDSS 2025 – Recurrent Private Set Intersection For Unbalanced Databases With Cuckoo Hashing
Researchers from NYU Abu Dhabi introduced a recurrent Private Set Intersection (PSI) protocol tailored for unbalanced databases. The solution combines leveled Fully Homomorphic Encryption with cuckoo hashing, delivering real‑time performance for repeated small‑set queries against a large set. Benchmarks using...

Survey Surfaces Lots of Room for DevSecOps Improvement
A new UserEvidence survey of 506 security leaders reveals that while 80% of organizations have security and DevOps teams sharing observability tools, only 45% feel the teams are very aligned on tooling and workflows. Most respondents (93%) use three or...

SSO Vs. Federated Identity Management: A Guide
Modern enterprises face escalating identity challenges as employees and automated workloads proliferate across SaaS, micro‑services, and multi‑cloud environments. Single Sign‑On (SSO) centralizes human authentication, reducing password fatigue and providing a unified audit trail, while federated identity extends access across organizational...

Student Data at Risk: What the Victoria Education Breach Exposes About Public Sector Security
The Victoria Department of Education suffered a data breach that exposed personal information of current and former students, prompting a privacy investigation. The breach highlighted longstanding issues in public‑sector access governance, such as dormant accounts and overly broad permissions. Attackers...

What Are Service Accounts and Why Are They a Security Risk?
Service accounts are non‑human identities that power cloud, container and CI/CD workloads, but they often rely on static, long‑lived credentials. Over‑privileged and poorly managed accounts generate a majority of cloud security alerts and have been leveraged in high‑profile breaches such...

NDSS 2025 – Iris: Dynamic Privacy Preserving Search In Authenticated Chord Peer-To-Peer Networks
The NDSS 2025 paper introduces Iris, a scheme that enables privacy‑preserving searches in authenticated Chord peer‑to‑peer networks while remaining compatible with the existing protocol. Iris defines a new alpha‑delta privacy notion, extending k‑anonymity to protect query information across iterative hops....

Why “Platform Consolidation” Often Increases Risk Instead of Reducing It
Enterprises chase security‑stack consolidation to cut costs and simplify management, but most vendor‑driven platforms are built from acquired point solutions rather than unified architectures. This commercial consolidation delivers single contracts yet leaves fragmented data stores, disparate analytics, and multiple agents,...

Customer Identity Management for Cruise Customer Experience
Cruise operators are shifting focus from flashy onboard attractions to the invisible infrastructure that links every guest interaction. By deploying consumer identity and access management (CIAM), brands can maintain a single, secure passenger profile from discovery through post‑cruise loyalty. This...

Citizen Engagement Strategies Powered by CIAM
Citizen engagement is now driven by digital experiences, and fragmented login processes are the primary barrier. The article argues that Customer Identity and Access Management (CIAM) is essential for municipalities to centralize services, provide a single digital identity, and build...

When Hospitals Go Dark and Browsers Turn Rogue
Recent incidents across healthcare, finance, and infrastructure reveal attackers exploiting lateral movement to maintain long‑term footholds. In Belgium a hospital shut down its servers after an undetected breach, while U.S. health providers endured weeks‑long unauthorized access. Phishing and malicious browser...

NDSS 2025 – On the Robustness Of LDP Protocols For Numerical Attributes Under Data Poisoning Attacks
The NDSS 2025 paper investigates how local differential privacy (LDP) protocols for numerical attributes can be subverted by data‑poisoning attacks, where a small set of malicious clients manipulates server estimates. Researchers evaluate state‑of‑the‑art categorical frequency oracles, binning, consistency, and distribution‑reconstruction...

How Data Masking & Synthesis Support Zero Trust
Zero Trust demands continuous verification of every access request, extending the principle of least‑privilege to the data layer. Data masking swaps sensitive values with realistic stand‑ins, while synthetic data creates entirely fictitious records that retain statistical fidelity. Together they shrink...

Responding to Exposed Secrets – An SRE’s Incident Response Playbook
The article outlines an SRE‑focused incident‑response playbook for handling exposed secrets, starting with thorough preparation—defining goals, roles, and communication protocols. It details detection techniques such as API usage anomalies, IAM activity monitoring, and automated code‑scanning integrated into CI/CD pipelines. Once...

Top AI Technology & Cybersecurity Podcasts to Follow in 2026
The article curates a list of essential AI and cybersecurity podcasts for 2026, highlighting shows that deliver deep technical insight, business strategy, and security expertise. It emphasizes the rise of AI agents, the Model Context Protocol (MCP), and AI security...

You See an Email Ending in .eu.org. Must Be Legit, Right?
The article warns that email addresses ending in .eu.org, while appearing institutional, are increasingly used by disposable‑email services to evade reputation checks. .eu.org is a free sub‑domain service, not a conventional top‑level domain, and its open registration lets fraudsters host...

Teleport Launches Framework to Secure Identities of AI Agents
Teleport unveiled its Agentic Identity Framework, a zero‑trust solution that secures AI agents without relying on static passwords or secrets. The platform builds on Teleport’s existing IAM technology, using a hardware root of trust to create cryptographic identities that are...

What Is Doxxing? How It Happens, and How to Stay Safe?
The article defines doxxing as the public disclosure of private personal data without consent, highlighting that over 43 million Americans have been targeted and 90% of cases reveal the victim’s address. It outlines how doxxers gather information from public records, data...

Why Cyber Fusion Centers and Zero-Trust Work Better Together
The surge in zero‑trust adoption has not delivered expected protection, as static implementations struggle against zero‑day exploits and a rapidly evolving threat landscape. A leading bank that integrated a cyber fusion center (CFC) with zero‑trust achieved 65% automated incident responses...

Critical CERT-In Advisories – January 2026: SAP, Microsoft, and Atlassian Vulnerabilities
January 2026 saw CERT‑In publish three critical advisories targeting SAP, Microsoft, and Atlassian products. The alerts disclose high‑severity flaws—including remote code execution, privilege escalation, and data exfiltration—affecting SAP S/4HANA, Windows, Azure, and on‑premise Atlassian tools such as Jira and Confluence. One...

Clawdbot-Style Agentic Assistants: What Your SOC Should Monitor, Triage, and Contain
Agentic AI assistants such as Clawdbot are moving from simple chatbots to persistent, privileged entities that can act across Slack, Teams, Discord and other platforms. Their ability to retain context, execute commands, and use user‑provided API keys creates new attack...

Single Sign-On Account Management in App Stores
App store identities remain fragmented, with developers often using personal emails that expose enterprises to lockout and breach risks. Managed Apple IDs and Enterprise Google accounts tether accounts to corporate domains, ensuring the organization retains control. The industry is moving...

The 7 Essential Elements of a Compliance Framework You Need to Know
The article outlines a seven‑element compliance framework that moves organizations from ad‑hoc checklists to a systematic operating model. It emphasizes leadership governance, risk assessment, policy translation, controls, training, monitoring, and issue management as interlocking components. By aligning these elements, firms...

How MSSPs Can Help Clients Mitigate Shadow IT and Data Sprawl with Cavelo
MSSPs face growing risk from shadow IT and data sprawl as hybrid work and SaaS adoption push data into unmanaged cloud locations. Unapproved applications and fragmented data increase attack surface, compliance exposure, and incident‑response delays. Cavelo offers an agent‑less, multi‑tenant...

NDSS 2025 – All Your (Data)base Are Belong to Us: Characterizing Database Ransom(ware) Attacks
Researchers at the IMDEA Software Institute delivered the first systematic analysis of database ransomware attacks, examining 23,736 ransom notes from 60,427 compromised servers over three years. Their honeypot experiments showed new infections rising 60% year‑over‑year, with 6,000 fresh victims in...

Why MSPs Should Add Privileged Access Management (PAM) To Their Security Offerings
Managed service providers (MSPs) are urged to add Privileged Access Management (PAM) to their portfolios as identity‑based attacks surge, with data breaches up 72% since 2021. PAM dovetails with Zero Trust principles, securing administrative credentials that attackers most often target....

Google’s Universal Commerce Protocol: Why the Future of Agentic Commerce Depends on Security
The episode examines Google’s Universal Commerce Protocol (UCP), an open‑source standard designed to unify AI‑driven shopping across retailers and payment providers. It highlights UCP’s advantages—single‑point integration, leverage of Google Merchant Center, modular flexibility, and merchant‑first control—while noting the competitive landscape...

NDSS 2025 – ERW-Radar
The episode delves into ERW‑Radar, a novel detection system designed to combat evasive ransomware by leveraging the unique repetitive I/O patterns ransomware exhibits during encryption and statistical analysis of encrypted byte streams. The authors—Lingbo Zhao, Yuhui Zhang, Zhilu Wang, Fengkai...

APT Attacks Target Indian Government Using GOGITTER, GITSHELLPAD, and GOSHELL | Part 1
In September 2025 Zscaler ThreatLabz uncovered two Pakistan-linked APT campaigns, Gopher Strike and Sheet Attack, targeting Indian government entities. Gopher Strike delivers malicious PDFs that trigger ISO downloads, employing a new Golang downloader called GOGITTER, a lightweight backdoor GITSHELLPAD that...

Wiz Found It. Swimlane Fixed It. The Cloud Security Power Play
Cloud security teams face alert fatigue, drowning in critical notifications that outpace manual response. Wiz, a cloud risk visibility leader, has partnered with Swimlane’s Turbine agentic‑AI to turn detection into automated remediation. The integration pulls Wiz telemetry, enriches it with...

F5 Strengthens, Scales & Sustains AI Security With Integrated Runtime Protection
In this episode Adrian Bridgwater discusses F5’s new AI security offerings—AI Guardrails and AI Red Team—designed to protect enterprise AI models throughout their lifecycle. The Guardrails provide both out‑of‑the‑box and custom‑built runtime protections that enforce policies, prevent data leaks, and...

The New ATO Playbook: Session Hijacking, MFA Bypass, and Credential Abuse Trends for 2026
In this episode Jason Wagner outlines how account takeover (ATO) has shifted from brute‑force logins to stealthy session hijacking, MFA fatigue, and credential reuse tied to real identities. He explains that attackers now harvest active session tokens and device fingerprints,...

What Is User Managed Access?
User Managed Access (UMA) extends OAuth 2.0 by letting data owners set granular sharing policies. It introduces components such as Resource Owner, Authorization Server, and Requesting Party Token to mediate consent. In enterprise SSO, UMA decouples resource data from policy logic,...

NDSS 2025 – RContainer
The NDSS 2025 paper introduces RContainer, a secure container architecture that leverages ARM Confidential Computing Architecture (CCA) hardware primitives to protect containers from untrusted operating systems. By deploying a lightweight trusted mini‑OS alongside the host OS, RContainer monitors control‑flow interactions...

Cybersecurity’s New Business Case: Fraud
Government CISOs are being urged to reframe cybersecurity discussions around financial fraud and AI‑generated scams rather than traditional technical jargon. Pandemic‑relief programs alone saw over $300 billion in fraudulent payments, while consumer fraud hit $12.5 billion in 2024, underscoring the fiscal stakes....

How Does AI Ensure Calm in Cybersecurity Operations?
Non‑Human Identities (NHIs), or machine identities, are becoming the backbone of AI‑driven cybersecurity operations. By pairing encrypted secrets with server‑granted permissions, NHIs function like digital passports that enable secure automated interactions. AI enhances NHI management through real‑time threat analytics, lifecycle...

How Is AI Security Evolving for Better Protection?
AI security is shifting focus toward Non‑Human Identities (NHIs), the machine credentials that underpin modern cloud and AI workloads. Organizations confront challenges in discovering, classifying, and governing these identities, which lack the natural lifecycle of human users. Emerging solutions integrate...

How Do NHIs Deliver Value in Digital Security Landscapes?
Non‑Human Identities (NHIs) are machine credentials that now underpin most cloud‑native environments. Effective NHI management couples secret rotation, permission controls, and continuous monitoring to reduce breach risk and streamline compliance. Organizations that automate discovery, classification, and remediation see faster incident...

Can You Trust AI with Your Digital Secrets Management?
Non‑human identities (NHIs) or machine identities are becoming central to digital secrets management, especially as enterprises expand across hybrid cloud environments. Effective NHI platforms automate discovery, lifecycle handling of secrets, and real‑time monitoring, reducing breach risk and compliance burdens. AI...

NDSS 2025 – Secure Data Analytics
Researchers at NDSS 2025 introduced Laputa, a framework that adds fine‑grained policy enforcement to Apache Spark by inspecting physical execution plans. The system isolates Spark workloads using confidential computing compartments, protecting data from malicious users and compromised cloud managers. Laputa’s...

DAST vs Penetration Testing: Key Differences in 2026
The article contrasts modern Dynamic Application Security Testing (DAST) with traditional and AI‑driven penetration testing, highlighting how AI‑powered tools are built on advanced DAST architectures. Modern DAST now offers CI/CD integration, business‑logic testing, and a graph‑based knowledge model that feeds...

ISO 27001:2013 vs 2022 – A Quick Comparison Guide
ISO 27001:2022 supersedes the 2013 version, introducing a streamlined set of 93 controls organized into four thematic categories—Organizational, People, Physical, and Technological. The update adds 11 new controls targeting cloud security, threat intelligence, secure coding, and data protection, while tightening requirements...

NDSS 2025 – WAVEN: WebAssembly Memory Virtualization For Enclaves
Researchers from Southern University of Science and Technology and ByteDance presented WAVEN, a WebAssembly memory virtualization layer designed for trusted execution environments (TEEs). WAVEN enables cross‑module memory sharing and page‑level access control, addressing the linear memory model’s limitations in Wasm‑based...

Shift Left QA for AI Systems. Catching Model Risk Before Production
Shift‑left QA repositions testing to the earliest stages of AI development, targeting data selection, prompt design, and model behavior before any user interface exists. Traditional software QA, which validates deterministic code after UI creation, misses the probabilistic failures that AI...

Corr-Serve Strengthens South Africa’s Cybersecurity Market Through Expanded Seceon Partnership
Corr-Serve has expanded its seven‑year partnership with global cyber‑security firm Seceon, becoming the exclusive distributor for Seceon's AI‑driven Open Threat Management platform across the Southern African Development Community. The deal positions South Africa as the operational hub, delivering real‑time threat...