While First VPN’s fates seems well-deserved, there are concerns about wider attempts by governments and law enforcers to clamp down on users of VPN services. Various legislations have tried to implement new laws restricting access to the internet, in particular,… Read More "Police take down VPN service (this time with a good reason)"
A multi-national law enforcement operation has resulted in the takedown of 53 domains associated with Distributed Denial of Service (DDoS) attacks and the arrest of four people suspected of providing DDoS-for-hire services. Operation PowerOff saw police and cybersecurity agencies from… Read More "DDoS-For-Hire Services Disrupted by International Police Action"
.png?w=1140&resize=1140,855&ssl=1 "The Vendor Tiering Series: Mapping Tiers to Inherent Risk")
Cybersecurity doesn’t really have quiet days. Usually, it’s just long stretches of constant noise before realizing you’ve been blindsided. That blindside is a flat list of unprioritized vendors. Without a way to filter what matters when a team needs to… Read More "The Vendor Tiering Series: Mapping Tiers to Inherent Risk"
Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. The disruption of First VPN… Read More "First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups"
The FBI has warned of the danger from a new wave of phishing attacks generated by a tool called Kali365. It enables cyber criminals to obtain Microsoft 365 access tokens and bypass multi-factor authentication (MFA) protocols without intercepting the user’s… Read More "FBI warns of Kali Oauth stealers"
While non-public frontier AI models, like Anthorpic’s Claude Mythos, have been shown to identify thousands of zero-day vulnerabilities across major operating systems, commercial models are also indicating progress in the discovery of software bugs. Forescout’s Vedere Labs found that just a… Read More "Commercial AI Models Show Rapid Gains in Vulnerability Research"
What is vendor tiering? Vendor Tiering is a method of classifying vendors based on the level of security risk they introduce to an organization. The level of security criticality decreases with each subsequent level. The number of tiering levels depends… Read More "What is Vendor Tiering? Optimize Your Vendor Risk Management"
Drupal is warning users that it’s already seeing attempts to exploit CVE-2026-9082, the highly critical vulnerability patched this week. The vulnerability affects an API designed to ensure that database queries are sanitized to prevent SQL injection. “A vulnerability in this… Read More "Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure"
Too many alerts with no clear priority Teams spend time validating findings, delaying response to critical risks. Risks are grouped into meaningful exposures, enabling faster and focused action. Working across multiple cloud environments Investigations require switching between tools, slowing analysis,… Read More "What Makes Fidelis CSPM Enterprise Ready for Modern Security?"
And a new tab page will pull together calendar entries, files and Copilot prompts, reducing the need to switch between tools, it said. A key feature of the new browser version will be its ability to protect corporate data. Enterprises… Read More "Microsoft says it’s making AI ‘safe for work’ in your browser"
