Author: Staff Writer

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Top Highlights:
Two serious vulnerabilities in Workhorse Software used by 310 Wisconsin municipalities could expose sensitive data, including Social Security numbers and municipal financial records.
The flaws involve storing SQL credentials in plaintext and an accessible unencrypted database backup feature, both risking data theft and tampering.
CERT/CC and the vendor have released patches (version 1.9.4.48019) and mitigations; the problematic backup feature is optional and the password storage issue relates to the SQL authentication method in use.
Attacks could occur via physical access or malware, potentially compromising the integrity of municipal financial operations and privacy.

Key Challenge: A researcher named James…

Fast Facts:
CyberArk Recognized: CyberArk has been named an Overall Leader in the 2025 KuppingerCole Leadership Compass for Identity Fabrics, highlighting its expertise in identity security across various enterprise environments.
Identity Fabrics Concept: The shift towards Identity Fabrics integrates key identity security domains (IGA, AM, PAM) into a cohesive framework, deemed essential for enhancing security and operational efficiency.
CyberArk Identity Security Platform: Analysts praised CyberArk’s platform for its comprehensive capabilities in access control, device protection, and privilege management, making it ideal for zero-trust environments.
Strategic Acquisition: CyberArk’s acquisition of Zilla Security bolsters its identity security capabilities, focusing on automating provisioning…

Summary Points:
Businesses face increasing risks from cyberattacks, natural disasters, operational outages, human errors, and regulatory breaches, necessitating a robust Business Continuity and Disaster Recovery (BCDR) plan.
Conducting a Business Impact Analysis (BIA)—with IT’s crucial involvement—identifies critical functions, assesses impacts, and establishes recovery time objectives (RTOs) and data recovery points (RPOs).
Tailor threat identification based on industry specifics—healthcare, education, manufacturing—focusing on high-impact, likelihood-driven risks like ransomware, natural events, and operational disruptions.
Implement automated recovery solutions like Datto’s platform to translate BIA insights into actionable, efficient, and reliable disaster recovery operations, ensuring resilience in a threat-prone environment.

What’s the Problem? The…

Quick Takeaways:
Financial Strength Rating Maintained: At-Bay Specialty Insurance Company received an A- (Excellent) rating from AM Best, with a "Stable" outlook, showcasing its strong financial health and operational execution.
Innovative InsurSec Model: At-Bay pioneers an InsurSec model that combines cyber insurance with active cybersecurity measures, effectively addressing the evolving risks in today’s digital landscape.
Commitment to SMEs: The company’s focus on supporting small and mid-sized enterprises emphasizes its mission to provide both protection and prevention in the face of cyber threats, reinforcing its role as a critical economic player.
Comprehensive Solutions Offered: At-Bay caters to nearly 40,000 businesses in…

Summary Points:
Invisible Risk: Many organizations are unaware of the numerous AI agents operating behind the scenes, leading to security vulnerabilities due to a lack of proper identification and monitoring.
Threat Potential: Shadow AI agents, once compromised, can swiftly navigate systems, access sensitive data, and escalate privileges without human oversight, posing serious security risks.
Inadequate Security Protocols: Traditional security measures are primarily designed for human users and are ill-equipped to manage the growing presence of autonomous AI agents.
Proactive Solutions: Organizations must implement strategies to assign identities and accountability to AI agents to mitigate risks and ensure that they act…

Summary Points:
Inotiv, a pharmaceutical company, experienced a cybersecurity breach on August 8, where hackers encrypted its internal systems, disrupting operations.
The Qilin ransomware group claimed responsibility, stealing approximately 176 GB of sensitive data, including agreements and financial documents.
The incident led Inotiv to shift some operations offline amid ongoing efforts to restore affected systems, with no specific timeline for full recovery.
The breach has caused significant operational disruptions, and authorities continue to investigate the attack’s details and the threat actor involved.

The Issue: Inotiv, a pharmaceutical research organization based in Indiana, disclosed to the U.S. Securities and Exchange Commission…

Quick Takeaways:
Leadership Expansion: Armis Federal enhances its Federal Advisory Board with Paul Craft and David Epperson, bringing extensive federal cybersecurity expertise to address evolving challenges.
Expert Backgrounds: Craft, a retired U.S. Army General and former Chief of Cyber, and Epperson, the first CIO of CISA, highlight a strong commitment to safeguarding government infrastructure.
Proactive Cybersecurity: Craft emphasizes Armis’ AI-driven platform for proactive risk detection, while Epperson advocates for public-private sector collaboration to fortify federal systems.
Strategic Growth: Armis Federal is focused on tailored solutions for federal agencies, progressing towards DISA Impact Level 5 and FedRAMP High authorizations, and supporting…

Quick Takeaways:
North Korean cyber operatives, linked to the Kimsuky group, conducted a sophisticated espionage campaign (Mar-July 2025) targeting diplomatic missions, using spear-phishing emails mimicking trusted entities and leveraging GitHub and cloud services to deploy Xeno RAT malware.
The attacks involved carefully crafted messages in multiple languages, containing malicious ZIP files that exploit Windows shortcuts and PowerShell scripts to establish persistent footholds and exfiltrate system data, with rapid infrastructure rotation to evade detection.
Analysis suggests the activity originated mainly from China, with possible collusion or operation derivatives involving Chinese resources, likely to mask North Korean motives while blending into regional…

Top Highlights:
New CFO Appointment: Horizon3.ai has appointed Holly Grey as Chief Financial Officer, bringing over 30 years of experience in corporate finance and strategic growth.
Proven Track Record: Grey previously served as CFO at Exabeam, where she successfully transitioned the company to a cloud-native model, and played a key role in Forescout Technologies’ IPO and acquisition.
Strategic Growth Focus: Under Grey’s leadership, Horizon3.ai aims to enhance financial planning and operational efficiency, driving growth alongside its NodeZero Offensive Security Platform.
Recent Funding Success: Grey’s appointment follows a $100 million Series D funding round, setting the stage for further product innovation…

Top Highlights:
Adversaries exploit CVE-2023-46604 in Apache ActiveMQ for remote code execution on cloud Linux systems, deploying malware like DripDropper using Dropbox for command and control.
They patch the vulnerability after gaining access by replacing compromised JAR files with legitimate ones, preventing detection and maintaining exclusive control.
The attackers modify SSH configurations to enable root login and establish persistence, using sophisticated tools such as Sliver implants and Cloudflare Tunnels.
The malware establishes resilience by altering system files, creating hidden malicious files, and blending malicious activity with legitimate cloud traffic, demonstrating advanced operational security.

The Issue: A highly advanced cyberattack campaign…
