Author: Staff Writer

DefenseStorm, the leading provider of cyber risk management solutions and co-managed services exclusively for financial institutions, has secured a spot on the prestigious 2025 Inc. 5000 list, ranking among America’s fastest-growing private companies with an impressive three-year revenue growth of 123%. The Inc. 5000 list provides a data-driven snapshot of the most successful companies within the economy’s most dynamic segment – its independent, entrepreneurial businesses. Fueling this momentum, DefenseStorm appoints two accomplished executives to its leadership team: Gina Hortatsos as Chief Marketing Officer and Wes Muschara as Chief Product Officer. These key hires reinforce the company’s commitment to customer-centric growth and product innovation at…

Top Highlights Critical Breach: Hackers exploited a memory-overflow vulnerability in Citrix’s NetScaler, compromising multiple critical infrastructure organizations in the Netherlands. Severity of Vulnerability: The flaw, tracked as CVE-2025-6543, is rated critical; over 4,100 vulnerable instances are connected globally, with significant potential implications for U.S. infrastructure as well. Widespread Exploitation: Exploitation attempts for both CVE-2025-6543 and a related vulnerability (CVE-2025-5777) are already being reported, highlighting the urgency for organizations to patch. Proactive Measures Recommended: The Cybersecurity and Infrastructure Security Agency (CISA) is urging immediate action to patch vulnerabilities, as failure to do so could lead to increased cyberattack risks. Critical Vulnerabilities…

Todyl, an industry-leading cybersecurity platform, is proud to announce that Inc. has recognized the company on the annual Inc. 5000 list, ranking it within the top 10 in two categories: #8 in security and #5 in Colorado. This recognition highlights Todyl’s rapid growth, driven by the increasing demand for unified, scalable cybersecurity solutions in the small and mid-market segments. Todyl, an industry-leading cybersecurity platform, is proud to announce that Inc., the leading media brand and playbook for the entrepreneurs and business leaders shaping our future, has recognized the company on the annual Inc. 5000 list, ranking it within the top 10…

Essential Insights Budget Cuts Impact: The Trump administration’s significant cuts to federal cybersecurity programs have led to widespread budget and resource reductions in 85% of surveyed organizations in the U.S. and the U.K. Investment Concerns: Nearly 50% of companies are scaling back their cybersecurity investments, with 80% of respondents fearing that government budget reductions will limit intelligence sharing. Resource Diminishment: The cuts have resulted in significant staffing losses at CISA, directly affecting the government’s ability to collaborate with the private sector on cybersecurity and distribute timely threat intelligence. International Ramifications: Approximately 80% of British organizations have become cautious of collaborating…

Quick Takeaways Evolving Threat Landscape: Ransomware and infostealer attacks are increasingly focused on credential theft and data exfiltration rather than just encryption, with organizations struggling to adapt to these stealthy tactics. Detection Failures: Despite extensive security investments, data exfiltration prevention has dropped to 3%, and password cracking success rates have nearly doubled to 46%, indicating that defenders are lagging in key areas. Changing Ransomware Tactics: Ransomware groups have shifted from encryption-based extortion to data theft and threat of leakage, emphasizing the need for proactive measures to prevent credential abuse and data loss before it occurs. Actionable Insights: The Picus Blue…

Additions to leadership team, vertical industry growth and technology validations reinforce market authority Cayosoft Inc., the undisputed leader in Microsoft hybrid Active Directory (AD) and Entra ID management and security, announced it has achieved significant milestones, marked by technology advancements and recognition, key customer wins in strategic vertical markets and additions to leadership team to fuel global business expansion. “Our investments in leadership, partnerships and technology are anchored by a customer commitment to ensuring enterprises have the strongest AD security footprint,” Robert Bobel, founder and CEO at Cayosoft Used by 90% of large organizations worldwide, Microsoft Active Directory and Entra…

Top Highlights CrossC2 Framework: Japan’s CERT reported the use of CrossC2, a command-and-control framework extending Cobalt Strike’s capabilities to Linux and macOS, detected in attacks from September to December 2024 across multiple countries. Custom Malware Loader: Investigations revealed a bespoke loader named ReadNimeLoader, which employs anti-debugging techniques and executes the payload without leaving traces by exploiting the legitimate java.exe binary. Ransomware Connection: The attack campaign exhibited overlaps with known BlackSuit/Black Basta ransomware activities, utilizing similar command-and-control domains and file names. Vulnerability of Linux Servers: Many Linux servers lack endpoint detection and response systems, making them vulnerable entry points for attackers,…

Radware, a global leader in application security and delivery solutions for multi-cloud environments, and Tet, one of Latvia’s largest technology and innovation companies and internet service providers, announced they signed a managed security service provider (MSSP) agreement. Based on the agreement, Tet is adding Radware’s full suite of AI-powered Cloud Application Protection Services to its managed services portfolio to expand its security offering for customers. The new agreement is an expansion of an existing relationship. Tet also uses Radware’s DefensePro® DDoS Protection to safeguard its business customers. The technology company offers a full range of ICT and pay-TV services for households;…

Top Highlights Xerox patched two serious vulnerabilities in its FreeFlow Core platform: an XXE injection flaw (CVE-2025-8355) and a path traversal issue (CVE-2025-8356), allowing unauthenticated, remote code execution. Security researchers demonstrated the exploit by placing a webshell on affected systems, highlighting the severe risk these vulnerabilities pose. FreeFlow Core is widely used in large-scale printing operations by various organizations, making it an attractive target due to sensitive pre-public information involved in print jobs. Xerox was notified of the vulnerabilities in June, with patches released on August 8, included in FreeFlow Core version 8.0.5. The Core Issue Recently, Xerox addressed critical…

At Black Hat USA 2025, Microsoft security leaders shared how a combined threat intelligence and incident response approach is enabling organizations to defend against cyberattacks in minutes rather than months. Through unification of teams, practicing incident response (IR) plans, and ensuring core security hygiene, Microsoft asserts that businesses can reduce attacker dwell time from months or even years to a mere 72 minutes. Why Microsoft Says a Printed Plan Isn’t Enough While attending the session, Aarti Borkar, VP of Security, Compliance, Identity, and Management at Microsoft, asked a pointed question: “Do you have your incident response plan printed out? And…