Author: Staff Writer

Synechron, a leading global digital transformation consulting firm, announced the expansion of its CyberAI program with the launch of three new AI-powered accelerators. These solutions enhance a company’s cybersecurity across vendor risk management, data security, and infrastructure monitoring, delivering intelligent automation and real-time insights to strengthen enterprise defenses. The new accelerators leverage different types of AI technology, including predictive analytics, large-language models (LLMs) and agentic architectures. Cyber Technology Insights : Push Security Unveils Matrix to Expose Gaps in Phishing Detection Techniques The latest additions to the Synechron CyberAI program include: VendorRisk.AI: Enables proactive, AI-driven supplier risk management by automating the analysis of…

Essential Insights Investigation Findings: SonicWall’s investigation confirmed no new zero-day vulnerability affecting Gen 7 or newer firewalls amid reports of Akira ransomware attacks; the exploitation is linked to an existing vulnerability, CVE-2024-40766. Credential Exploitation: Attackers used the identified vulnerability to obtain device credentials, raising concerns that compromised passwords from previous configurations remain unchanged. Migration Risks: Incidents primarily arose during migrations from Gen 6 to Gen 7 firewalls, where local user passwords were carried over without being reset, contradicting SonicWall’s initial advisory guidance. Ongoing Threats: Other cyber campaigns, like those from threat actor UNC6148, also targeted SonicWall devices, suggesting persistent vulnerabilities…

CISOs Can Now Quickly Restore Continuity and Maintain Operational Resilience in the Face of Advanced Threats and Complexity Absolute Security, a leader in enterprise cyber resilience, announced new innovations available on the Absolute Resilience Platform. An advanced GenAI assistant enables natural-language queries that instantly answer vital questions about the security and compliance status of endpoint devices. Enhanced application control helps ensure critical endpoint and network security defenses are present across every device and operating with maximum effectiveness and efficiency. Customizable dashboards deliver enhanced insights that support your organization’s unique IT and security environment. Built on a foundation of AI-powered resilience,…

Essential Insights Budget Growth Slowdown: Cybersecurity budgets increased by just 4% in 2025, down from 8% the previous year, reflecting economic uncertainty. Declining Share of IT Budgets: Cybersecurity spending as a percentage of total IT budgets fell from 11.9% to 10.9%, ending a five-year growth trend. Economic Concerns Impact CFOs: CFOs are increasingly worried about external risks, with over half citing economic issues and cybersecurity among top concerns. Future Spending Outlook: Despite current constraints, global information security spending is projected to rise to $213 billion in 2025, supported by ongoing threats and regulatory pressures. The Impact of Economic Anxiety Cybersecurity…

Summary Points SonicWall confirms that recent Akira ransomware attacks are exploiting the older CVE-2024-40766 flaw, a critical SSLVPN access control vulnerability, rather than a zero-day vulnerability. The vulnerability allows unauthorized access to endpoints, enabling attackers to hijack sessions; the flaw was heavily exploited post-disclosure, including by Akira and Fog ransomware groups. SonicWall recommends customers update firmware to version 7.3.0 or later, reset all local user passwords used for SSLVPN, and limit connectivity to trusted IPs to mitigate risks. Customers have expressed skepticism about SonicWall’s claims, citing breaches on recently created accounts and issues with log investigations, highlighting the need for…

Now GA, new self-learning detection engines surface threats undetectable for others – connecting subtle activity into prioritized leads to accelerate investigation, hunting, and response CrowdStrike announced the general availability of CrowdStrike Signal, a new class of AI-powered detection engines that surface the undetectable threats others miss – before they escalate. Signal uses self-learning models for every host to understand what’s normal in that environment across time, systems, and users. It pinpoints subtle, early-stage threat activity and connects related behaviors – before traditional tools act. By identifying weak signals that deviate from the norm and building high-confidence, prioritized leads, Signal accelerates the Falcon…

Top Highlights Vulnerability Exploitation: SonicWall clarified that recent attacks targeting its customers were linked to a previously disclosed access-control vulnerability (CVE-2024-40766) and not a new zero-day flaw. Ransomware Impact: The attacks, beginning in July, involved Akira ransomware and affected fewer than 40 customers, primarily due to the use of legacy credentials during firewall migration. Security Guidance Issued: SonicWall advised users to change credentials and upgrade to SonicOS version 7.3.0 to mitigate the risk of exploitation. Growing Threat: Security researchers from Huntress reported an expanding number of compromised accounts, indicating that SonicWall’s initial count of 40 may increase as more intrusions…

AI Systems Security Assessment and AI for SecOps Readiness expand CrowdStrike’s industry-leading AI Security Services portfolio, helping organizations reduce risk and stop breaches in the AI era CrowdStrike announced two new expert-led offerings as part of its expanding AI Security Services portfolio: AI Systems Security Assessment and AI for SecOps Readiness. Expanding on CrowdStrike’s AI Red Team Services introduced in 2024, these services help organizations secure the AI systems powering modern business and safely integrate AI into security operations. As organizations adopt LLMs, copilots, and agentic tools, they face a rapidly expanding attack surface with new risks such as shadow AI, misconfigurations,…

Fast Facts Cybersecurity Innovations: At Black Hat USA 2025, companies like 7AI, Absolute Security, and CrowdStrike unveiled advanced cybersecurity solutions, including autonomous security operations, a generative AI assistant for endpoint compliance, and AI systems security assessments to enhance AI deployment security. Ransomware Insights: Barracuda Networks reported that 57% of surveyed organizations faced ransomware attacks in 2025, with significant impacts in healthcare (67%) and local government (65%). Data recovery remains challenging, with 41% of those who paid ransom failing to restore all their data. Collaborative Security Efforts: Claroty and Google collaborated to boost threat detection between IT and OT, while Cymulate…

Forescout Technologies, Inc., a global leader in cybersecurity, announced it has achieved the Federal Risk and Authorization Management Program (FedRAMP) High Impact Level “In Process” designation, officially listing Forescout Technologies in the FedRAMP Marketplace. This milestone reflects Forescout’s deep commitment to helping federal agencies improve visibility, automate enforcement, and operationalize Zero Trust across hybrid IT, OT, IoT, and IoMT environments. The “In Process” designation signals formal sponsorship by a federal agency and active evaluation by an accredited third-party assessment organization, marking a major step toward full authorization at the highest security baseline used by civilian and federal agencies. It affirms Forescout…