Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Fast Facts
- Managing non-human identities (NHIs) and their secrets with a holistic, lifecycle approach reduces risks, enhances compliance, and improves operational efficiency.
- Cloud security for NHIs is critical across industries like healthcare and finance, requiring industry-specific policies and robust management practices.
- Integrating security into DevOps (DevSecOps) and fostering collaboration between security and R&D teams strengthen NHI protection through automation and continuous monitoring.
- Utilizing data-driven insights and AI analytics enables proactive, predictive NHI management, cultivating a security-first culture essential for evolving digital ecosystems.
Problem Explained
The story reports on how organizations across various industries, such as finance, healthcare, and travel, are…
Summary Points
- Attackers are using browser push notifications via the Matrix Push C2 platform to conduct phishing campaigns, tricking users into clicking malicious links without infecting their devices directly.
- Matrix Push C2 is a malware-as-a-service sold through cybercrime forums and encrypted channels, enabling threat actors to deploy cross-platform, customizable fake alerts resembling trusted brands.
- The technique leverages social engineering, convincing users to allow notifications and interact with fake alerts that mimic legitimate OS or browser issues, paving the way for credential theft and malware download.
- Simultaneously, there’s a rise in abuse of legitimate cybersecurity tools like Velociraptor, exploited by hackers…
Fast Facts
- Non-Human Identities (NHIs), including machine identities and automation, are critical to modern cybersecurity, acting as the invisible backbone of secure digital operations across industries like finance and healthcare.
- Effective NHI management—covering discovery, lifecycle, threat detection, and remediation—reduces risks, enhances compliance, boosts efficiency through automation, and provides centralized control over digital assets.
- Context-aware NHI security platforms enable deeper insights into ownership, permissions, and vulnerabilities, bridging gaps between security and R&D teams for more proactive threat mitigation.
- As NHIs become more pervasive, continuous lifecycle management, integrated threat detection, and adaptation to evolving technology are essential to maintaining resilient, secure digital…
Essential Insights
- Avast has launched Scam Guardian, a free AI-powered tool integrated into Avast Free Antivirus to democratize scam protection amid rising AI-enhanced scams and data breaches.
- The new service detects sophisticated, targeted scams by analyzing URLs, content, language, and website code, providing real-time threat neutralization and safer browsing.
- Scam Guardian Pro, an upgraded version, includes AI-driven email scam detection to protect users across devices from personalized phishing attacks.
- Recent reports highlight a surge in data breaches (+186%) and phishing scams (+466%), emphasizing the urgent need for advanced, accessible scam defense tools.
Underlying Problem
Avast, a leading provider of digital…
Fast Facts
- Maxwell Schultz, a former IT contractor from Ohio, pleaded guilty to launching a cyberattack in retaliation for his termination, which compromised thousands of employees’ systems nationwide.
- After being fired, Schultz impersonated another contractor, gained unauthorized network access, and executed a script that reset about 2,500 passwords, locking employees out.
- He attempted to delete logs of his intrusion, but investigators traced the attack back to him, resulting in over $862,000 in damages to the company.
- Schultz faces up to 10 years in prison and a $250,000 fine, highlighting the importance of promptly revoking access for terminated employees to prevent…
Essential Insights
- Two UK teenagers, Thalha Jubair and Owen Flowers, linked to the Scattered Spider hacking group, pleaded not guilty to charges related to the August 2024 TfL cyberattack, which caused significant disruption and exposed customer data.
- The breach initially appeared to not compromise customer data, but TfL later confirmed personal information of over 8.4 million Londoners was affected, impacting critical transportation services.
- Jubair faces additional charges in the US for conspiracy, fraud, and money laundering, with victims paying over $115 million in ransom payments for network breaches globally.
- Authorities have arrested multiple suspects linked to the same cybercrime collective,…
Summary Points
- CrowdStrike terminated an employee for sharing internal screenshots externally, preventing a systemic breach, with no customer data compromised.
- The leak was caused by human vulnerability, as the insider was allegedly paid $25,000 by the hacker group “Scattered Lapsus$ Hunters” to share access details.
- The threat group has been actively targeting large corporations via social engineering and exploiting third-party vendors like Gainsight, claiming massive data exfiltration in 2025.
- The incident underscores the growing danger of insiders and sophisticated social engineering tactics in cyber threats to high-stakes tech companies.
The Core Issue
CrowdStrike, a leading cybersecurity firm, confirmed that it…
Quick Takeaways
- Non-Human Identities (NHIs) Risk: As SaaS ecosystems grow, NHIs like AI assistants and API tokens now operate with significant privileges, driving productivity but also increasing security risks due to lack of oversight.
- Data Breaches: High-profile incidents, like the Salesloft OAuth token breach and the New York Times GitHub token leak, highlight the vulnerabilities associated with unmanaged machine credentials that can lead to severe data exposure.
- Dynamic SaaS Security Solutions: Implementing Dynamic SaaS Security Platforms provides real-time visibility, enforces least privilege for NHIs, and continuously monitors for anomalies, allowing organizations to combat NHI-related risks effectively.
- Proactive Security Checklist: Organizations…
Top Highlights
- CrowdStrike fired a “suspicious insider” last month for allegedly sharing internal company information.
- The dismissed employee is accused of leaking sensitive data to the hacking group Scattered Lapsus$.
- Hackers showcased screenshots of CrowdStrike’s internal dashboards, including Okta access, on a Telegram channel.
- CrowdStrike denies the breach involved customer data, stating the insider only shared screenshots externally during termination.
What’s the Problem?
Last month, cybersecurity firm CrowdStrike dismissed an employee, suspecting him of being a “suspicious insider” who potentially compromised the company’s internal systems. This dismissal was publicly revealed after a hacking group known as Scattered Lapsus$ Hunters shared…
Essential Insights
- The FCC has revoked a January 2025 rule that mandated U.S. telecom companies to adopt stricter cybersecurity measures after lobbying from the industry, citing the rule as too cumbersome and inflexible.
- The original rule required telecoms to develop risk-management plans, submit annual certifications, and treat network cybersecurity as a legal obligation—measures prompted by the Salt Typhoon Chinese espionage attacks.
- Critics, including FCC Commissioner Anna M. Gomez and Senators Cantwell and Peters, argued that rollback weakens protections, leaving the U.S. more vulnerable to ongoing foreign cyber threats like Salt Typhoon.
- The FCC states that telecom companies have already improved…