Author: Staff Writer

Over the past two years, there has been a significant increase in human-operated threat actors using stealthy tactics, social engineering, and compromised identities to bypass security controls and breach well-defended organizations. Despite organizations transitioning to a Zero Trust architecture, they remain vulnerable to identity-based threats, malicious insiders, and lateral movement. Security teams need a proactive approach to stop these advanced threats. Join us for an hour of learning as we discuss how you can extend Zero Trust with Deception. We will cover the following: Why have attackers shifted their focus to compromising users and applications What Deception is and…

Summary Points Vulnerability Identified: Cybersecurity researchers uncovered a serious flaw in eSIM technology, specifically affecting the Kigen eUICC card, which could enable attackers to exploit mobile subscriptions without detection. Exploitation Method: Attackers must gain physical access to the eUICC and use known keys to install malicious applets, potentially extracting sensitive operator data and modifying user profiles. GSMA Standards Loophole: The vulnerability stems from outdated GSMA TS.48 specifications (up to v6.0) that allowed unauthorized applet installation; v7.0 offers a patching solution by restricting these profiles. Consequences for Security: The exploit’s potential to create backdoors in eSIMs could allow nation-state groups to…

A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 countries. These BNS pages are made to look like real news outlets: CNN, BBC, CNBC, or regional media. They publish fake stories that feature public figures, central banks, or financial brands, all claiming to back new ways to earn passive income. The goal? Build trust quickly and steer readers toward professional-looking scam platforms like Trap10, Solara Vynex, or Eclipse Earn. Scammers use sponsored ads on Google, Meta, and blog networks…

Quick Takeaways Phishing Victims and Losses: In 2022, HMRC was the third most spoofed UK government body, with 100,000 customers falling victim to a scam in June 2025, resulting in a £47 million loss to taxpayers. Arrests and Investigations: A joint operation between HMRC and Romanian police led to the arrest of 14 suspects linked to phishing attacks, highlighting ongoing efforts to combat tax fraud involving organized criminal gangs. Nature of Fraud: The criminals allegedly stole personal data to submit fraudulent PAYE claims and claim VAT and Child Benefit payments, emphasizing the sophistication of the phishing schemes. Preventative Measures: HMRC…

VulnCheck, a leading exploit intelligence company, has announced that Jen Easterly, former Director of CISA, and Andrew Boyd, former Director of the CIA’s Center for Cyber Intelligence (CCI), will headline THREATCON1. The event is scheduled for September 21-22, 2025, at Carahsoft Headquarters in Reston, Virginia. Both Easterly and Boyd will provide insights into the current state of cybersecurity, discussing how national security intersects with emerging technologies and the balance between offensive and defensive cyber strategies. Their keynote will explore how these factors are influencing U.S. cyber policies and shaping international responses to evolving digital threats. Cyber Technology Insights : GuidePoint Security Reports…

Did you know that APIs are a prime target for cyber attacks? But here’s the catch: they’re not isolated. The components powering your critical APIs are also vulnerable to security misconfigurations, making you susceptible to breaches. In today’s dynamic IT landscape, where private, hybrid, public clouds, and edge locations coexist, securing your APIs requires a comprehensive approach. In this highly informative session, experts from Noname Security will delve into the depths of API security misconfigurations and vulnerabilities, shedding light on the true attack surface that extends from on-premises environments to the vast public cloud. What you’ll learn: Understanding Your…

Welcome to this week’s edition of the Weekly Cybertech Roundup, where we bring you the most significant developments and trends shaping the world of cyber technology. From groundbreaking innovations to critical security updates, our roundup highlights the key stories that are driving the industry forward. Whether you’re a tech enthusiast, a cybersecurity professional, or just curious about the latest advancements, we’ve got you covered with all the insights you need to stay informed. Let’s dive into this week’s highlights! Brand Covered: KnowBe4 Headline: KnowBe4 Shares Cybersecurity Best Practices for Safer Return-to-Office Transitions KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, released a…

Fact 1 : Insider threats aren’t new – the potential of employees exposing critical or sensitive information, whether intentionally or accidentally, has been a major worry for security professionals for years. Fact 2: Employees rely on SaaS applications more than ever to conduct both basic and complex business operations. SaaS security is struggling to keep up. To effectively protect critical data, a broaderg SaaS Security Posture Management (SSPM) approach is needed. How is it done? How does this fit into existing MFA, SSO and IAM practices? We’re happy to share.  Join this webinar to find answers to these questions and:…

KeyStone Solutions, a SOC 2, Type II certified provider of comprehensive IT services and cybersecurity solutions, is proud to announce its continued recognition on the Channel Partners MSP 501 list for the third consecutive year, climbing to an impressive #37. This marks a major milestone in the company’s commitment to delivering exceptional managed IT services and cybersecurity solutions to the SMB market nationwide. The Channel Partners MSP 501 list is a globally respected benchmark that ranks the most innovative and strategic Managed Service Providers (MSPs) based on growth, operational efficiency, and customer-centric offerings. Cyber Technology Insights : GuidePoint Security Reports Surge in Ransomware Groups…

Patero, a leader in post-quantum cryptography, announces the integration of its post-quantum encryption technology into Sylllego’s Distributed Universal Sensing Technology (DUST) platform. Syllego is a leader in intelligent infrastructure solutions for smart cities. This strategic move aims to bolster cybersecurity for U.S. cities, ensuring compliance with federal mandates, including Executive Order 14144 and National Security Memoranda 10 and 22. The DUST platform, curated and managed by Syllego, is designed to provide real-time situational awareness and operational efficiency for urban environments. By incorporating Patero’s CryptoQoR post-quantum cryptography, DUST safeguards Opelika’s critical data and communications across city systems with NIST quantum-resistant encryption. Cyber Technology Insights : GuidePoint Security…