Top streaming services like Netflix and Disney+ have made sustained investments over the years to lock their content down. Whenever they can, they prevent users from accessing videos without a subscription or watching region-blocked content. New findings presented today at… Read More "A Misconfiguration That Haunts Corporate Streaming Platforms Could Expose Sensitive Data"
Aug 25, 2025Ravie LakshmananContainer Security / Vulnerability Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out of the confines of a… Read More "Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3"
The challenge of securing AI as it constantly changes Launching a global AI safety coalition was no small task. One of the many challenges for the CSA, says Armstrong, was laying out a clear and concise vision. “The key was… Read More "Need help with AI safety? Stay ahead of risks with these tools and frameworks"
Success in cybersecurity is when nothing happens, plus other standout themes from two of the event’s keynotes 07 Aug 2025 • , 3 min. read The 2025 edition of the Black Hat USA conference kicked off with an address from… Read More "Does successful cybersecurity today increase cyber risk tomorrow?"
Zhou added in his statement that Securam will be fixing the vulnerabilities Omo and Rowley found in future models of the ProLogic lock. “Customer security is our priority and we have begun the process of creating next-generation products to thwart… Read More "Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds"
Aug 25, 2025Ravie LakshmananMalware / Cyber Espionage A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia and other entities across the globe to advance Beijing’s strategic interests. “This multi-stage… Read More "UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats"
Accountability for security became clearer once cyber performance showed up in C-suite goals, metrics, and annual incentives. This gave the CISO more influence. Conversations about weak software development, phishing threats, and vendor due diligence hit harder when framed in terms… Read More "2025 CSO Hall of Fame: Meg Anderson on AI, strategic security investments, and life after InfoSec"
Who’s to blame when the AI tool managing a company’s compliance status gets it wrong? 07 Aug 2025 • , 3 min. read If you put a group of CISOs in a room, they are all likely to wait for… Read More "Policy compliance & the cybersecurity silver bullet"
The Trump administration’s radical changes to United States fiscal policy, foreign relations, and global strategy—combined with mass firings across the federal government—have created uncertainty around US cybersecurity priorities that was on display this week at two of the country’s most… Read More "Ex-NSA Chief Paul Nakasone Has a Warning for the Tech World"
Your online presence—social media posts, web registrations, breach data—creates a digital footprint that attackers can study and exploit without you even realizing. That external exposure becomes a roadmap for targeted attacks against your organization. When threat actors map your footprint, they… Read More "What Is Your Digital Footprint Revealing to Attackers—and How Can You Turn It into a Defense?"
