Author: Staff Writer

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Fast Facts
- Sopra Steria enhances its Datasphere platform with hybrid post-quantum cryptography, integrating advanced data labeling and quantum-resistant encryption for robust data protection against emerging cyber threats.
- This upgrade addresses the anticipated decline in effectiveness of traditional cryptographic methods due to the rise of quantum computing, making post-quantum encryption essential for safeguarding sensitive information.
- Datasphere now offers long-term data protection, aligns with NIST and NATO security standards, and allows a smooth transition for organizations to adopt quantum-secure operations while maintaining existing infrastructures.
- The integration of hybrid post-quantum cryptography is a proactive approach to future cybersecurity challenges, enhancing digital sovereignty and…

Quick Takeaways
- Ransomware attack costs have surged, representing 76% of cyber loss claims in early 2025, driven by increasingly sophisticated tactics and higher ransom demands.
- Despite rising ransom demands (up to $2 million) and more complex extortion methods, recovery costs (excluding ransom) have decreased by 40%, indicating improved resilience and negotiation tactics.
- Claims volume has halved and payout rates remain low (22%), but average losses from ransomware are still high, exceeding $1.18 million so far in 2025.
- Cybercriminals are leveraging AI and “double extortion,” including theft of cyber insurance policies, to intensify financial damage from fewer, more targeted attacks.

Key…

Top Highlights
- Launch of Bell Cyber: Bell Canada has unveiled Bell Cyber, a cybersecurity brand aimed at establishing itself as a top North American provider of managed security services, announced at the inaugural Bell Cybersecurity Summit in Toronto.
- Innovative SOC Capabilities: Bell Cyber’s autonomous Security Operations Centre (SOC) can detect and neutralize threats in under five minutes, transforming cyber defense from reactive to proactive.
- Sovereign Cloud Compliance: The platform operates within a secure Canadian sovereign cloud, ensuring customer data is stored domestically and complies with national privacy requirements.
- Strategic Partnerships: Bell Cyber is forming a partner ecosystem with leading companies…

Essential Insights
- Emerging Threat: The new Salty2FA phishing kit can bypass various two-factor authentication methods, targeting financial and energy sectors in the US and EU, posing significant risks to enterprises.
- Attack Execution: Salty2FA employs a multi-stage execution chain, beginning with convincing phishing emails that lead to credential theft and 2FA interception, making it one of the most sophisticated PhaaS frameworks this year.
- Detection Strategies: Security Operations Centers (SOCs) should prioritize behavioral detection over static indicators, utilize interactive sandboxes for real-time threat analysis, and strengthen multi-factor authentication policies.
- Efficiency Gains: Interactive sandbox solutions like ANY.RUN enhance SOC efficiency by up to…

Summary Points
- Sen. Ron Wyden urges the FTC to investigate Microsoft for cybersecurity issues, citing its default settings as a vulnerability that facilitated a major ransomware attack on Ascension hospital, affecting over 5.6 million patients.
- The attack exploited outdated encryption technology (RC4) supported by Microsoft, which is known to be vulnerable and exploited in cyberattacks, despite longstanding warnings from cybersecurity experts and agencies.
- Microsoft acknowledged that RC4 support is being phased out, with plans to disable it by default in Active Directory starting Q1 2026, but Wyden criticizes the delay and says Microsoft should bear the responsibility to fix the…

Top Highlights
- Leadership Appointment: Jatin Arora joins MorganFranklin Cyber as Managing Director and Head of Cyber Strategy & GRC, bringing over 20 years of international experience in cybersecurity.
- Expertise: Arora’s track record includes leading transformation initiatives and cyber risk programs across various sectors, enhancing security strategies and compliance frameworks.
- Strategic Vision: He aims to align security with business objectives, reduce risk, and foster sustainable digital growth for clients, addressing increasing compliance and resilience demands.
- Educational Background: Arora holds an MBA and a Bachelor of Engineering in Computer Science, complemented by advanced leadership training and active participation in the cybersecurity community.…

Quick Takeaways
- A Chinese APT group used a new fileless malware framework, EggStreme, to compromise a Philippine military firm, emphasizing espionage and data theft capabilities.
- EggStreme operates via multi-stage payloads that inject malicious code into memory, leveraging DLL side-loading and persistent backdoors for stealthy, resilient access.
- The core backdoor, EggStremeAgent, supports 58 commands for system reconnaissance, lateral movement, data exfiltration, and employs a keylogger to harvest sensitive information.
- Its sophisticated, multi-component, fileless design allows for stealthy operations, persistence, and evasion of detection, highlighting advanced hacking tactics and infrastructure resilience.

Problem Explained
A highly sophisticated cyber espionage operation attributed to a…

Fast Facts
- Phio TX 4.5 Launch: Quantum Xchange releases version 4.5 of its Post-Quantum Cryptography platform, enhancing defenses against Harvest Now, Decrypt Later (HNDL) threats and aligning with PQC standards.
- Enhanced Interoperability: The update features full Quantum Key Distribution (QKD) interoperability and hybrid key generation, improving integration with existing network protocols like Cisco’s SKIP and ETSI standards.
- Decentralized Security Framework: Phio TX offers a flexible, multi-protocol framework that facilitates scalable deployment of quantum-safe networking solutions, aiming for a crypto-agile infrastructure.
- Dual-Layer Data Protection: Utilizing out-of-band symmetric key distribution and an independent key-encryption-key (KEK), Phio TX provides robust data security against…

Fast Facts
- A remote code execution vulnerability in Cursor AI Code Editor exploits its default “Workspace Trust” setting being disabled, allowing malicious code in repositories to auto-run upon folder opening without warning.
- Attackers can embed malicious tasks in a repository’s .vscode/tasks.json with runOptions.runOn set to “folderOpen,” enabling silent execution of harmful commands.
- The flaw poses serious risks by potentially exposing sensitive credentials, compromising developer machines, and allowing lateral movement to cloud and organizational infrastructure.
- Users are advised to enable Workspace Trust, adjust settings like task.allowAutomaticTasks to “off,” and isolate unknown repositories in secure environments until patches are provided.

What’s the…

Essential Insights
- Enhanced Threat Detection: Exabeam announces a significant upgrade to its New-Scale Security Operations Platform by integrating Google Agentspace and Model Armor telemetry, enabling monitoring of AI agents as potential insider threats.
- Rising Insider Risks: A recent Exabeam study reveals that 93% of organizations anticipate an increase in AI-driven insider threats, with 64% considering them a bigger risk than external attacks.
- Improved Behavioral Analytics: The integration harnesses Exabeam’s machine learning and behavioral analytics capabilities to identify anomalies in AI agent behavior, providing deeper insights than traditional security solutions.
- Collaboration Focus: Google Cloud’s partnership with Exabeam aims to equip organizations…
