Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Quick Takeaways
- Target Shift: Scattered Spider, a known threat actor previously focused on retail, is now actively targeting the US insurance sector, prompting alerts from Google’s Threat Intelligence Group.
- Tactics and Recent Activity: The group employs sophisticated social engineering techniques, primarily centered on ransomware and data theft extortion, reflecting an uptick in their activity after previous law enforcement actions.
- Recent Attacks Noted: Following attacks against UK retailers, multiple incidents involving US insurance companies have been identified, indicating a concentrated effort on this new sector.
- Industry Warning: Insurance companies are advised to be vigilant, especially regarding social engineering schemes aimed at…

Essential Insights
- Evolving Ransomware Threat: Ransomware attacks now target backup infrastructures first, crippling recovery capabilities by disabling backup agents and exploiting vulnerabilities, making traditional defenses insufficient.
- Common Vulnerabilities: Inadequate separation and dependence on a single cloud provider for backups significantly heighten risk. Attack techniques include exploiting Active Directory and misconfigurations to access backup systems.
- 3-2-1-1-0 Backup Strategy: Modern defenses require the 3-2-1-1-0 approach: three data copies, on two media types, with one offsite, one immutable, and zero errors. This ensures resilience against sophisticated attacks.
- Securing Backup Environments: Best practices for cloud and on-premises backups involve rigorous segmentation, MFA, strict access…

Fast Facts
- Critical Vulnerability Discovered: CISA warns that multiple discontinued TP-Link routers are affected by command injection vulnerability CVE-2023-33538, with a CVSS score of 8.8, allowing remote attackers to execute arbitrary system commands.
- No Support for Impacted Devices: The affected TP-Link models, including TL-WR940N and TL-WR841N, have not received software updates since 2018, urging users to discontinue their use.
- Active Exploitation Noted: PoC exploit code for the vulnerability was published and removed from GitHub, indicating ongoing exploitation risks.
- Apple Vulnerability Alert: CISA also highlighted an active exploitation of a vulnerability in Apple products affecting image and video processing (CVE-2025-43200), which…

Summary Points
- Critical Vulnerability Identified: CISA has added the high-severity flaw CVE-2023-33538 (CVSS score: 8.8) in TP-Link routers to its KEV catalog, allowing command injection via specific HTTP requests, leading to arbitrary system command execution.
- Urgent Remediation Needed: Users are advised to stop using affected TP-Link models (TL-WR940N, TL-WR841N, TL-WR740N) if no mitigations are available, especially as many may be end-of-life or end-of-service.
- Increased Exploit Activity: GreyNoise reports heightened attempts to exploit another vulnerability, CVE-2023-28771 (CVSS 9.8), in Zyxel firewalls, with evidence of various IP addresses engaging in exploitation targeting multiple countries.
- Mitigation Recommendations: Users of Zyxel devices should immediately…

Gives AWS customers seamless access to security’s best AI and data platform to rapidly speed detection and response across all attack surfaces
SentinelOne announced that its rapidly growing AI-powered Security Information and Event Management (SIEM) solution, Singularity AI SIEM, is now available on AWS Marketplace. Facing surging demand, this strategic move opens up a new channel for AWS customers to quickly and easily benefit from the speed and power of SentinelOne’s AI and data capabilities to rapidly detect and respond to cyber threats across all attack surfaces. It represents the latest SentinelOne offering to be made available on the popular cloud marketplace,…

CISOs identify cybersquatting, domain-based attacks, and ransomware as top cybersecurity concerns
An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC, the leading provider of enterprise-class domain and domain name system (DNS) security. The report, “CISO Outlook 2025: Navigating Evolving Domain-Based Threats in an Era of AI and Tightening Regulation,” names cybersquatting, domain and DNS hijacking, and…

Former CISO at S&P Global and Head of Global Operations at Visa Joins Anomali to Help Customers Modernize & Transform Their Security and IT Operations
Anomali, the leading AI-Powered Security and IT Operations Platform, announced the appointment of George Moser as Chief Growth Officer. Moser brings more than two decades of experience leading security and IT transformations at institutions like S&P Global, Visa and Bank of New York Mellon (NYSE: BK). At each organization, Moser elevated security and IT teams to the C-suite and the board of directors and delivered transformations that modernized operations while increasing “EPS” (Earnings per Share)…
New capability gives organizations visibility into third-party AI use, data exposure, and governance gaps across their vendor ecosystem. BigID, the leader in data security, privacy, compliance, and AI data management, announced the launch of Vendor AI Assessment, the first solution of its kind designed to help organizations identify, evaluate, and manage the risks introduced by third-party AI usage. As vendors race to embed GenAI, large language models (LLMs), and autonomous agents into their products, organizations are left in the dark about how AI is being used – and what risks it introduces to their data, privacy, and compliance. BigID becomes the…
A decade ago, only the largest enterprises measured their data in petabytes (1000 TBs). Today, even mid-sized enterprises find themselves navigating through 2-3 petabytes of data. This data isn’t just sitting idly: it’s being accessed by third parties, manipulated and moved by engineers, and even being used to train LLM models. Here’s the catch: securing fast-moving data at such astronomical scales requires a fundamental shift in the way we approach data security, as manual processes are no longer sustainable. Indeed, only a select few have the expertise to manage data at the colossal scale of petabytes. We’re bringing these pioneers together…
HUB Cyber Security Ltd., a global leader in zero-trust confidential computing and advanced secured data fabric technology, announced the appointment of Mr. Paul Parisi as its Global Chief Revenue Officer. This appointment is a decisive step in HUB’s long-term strategy to expand across North America, fortify its enterprise presence, and meet rising demand from Fortune 1000 clients, sovereign entities and financial institutions. Mr. Parisi brings to the Company over 25 years of experience leading and scaling commercial organizations in highly regulated, fast-growing sectors. As President of…