Author: Staff Writer


John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Thread AI Inc. and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider, announced a partnership. Under the agreement, Carahsoft will serve as Thread AI’s Public Sector distributor, making the company’s streamlined AI platform available to the Public Sector through Carahsoft’s reseller partners and NASA Solutions for Enterprise-Wide Procurement (SEWP) V, National Association of State Procurement Officials (NASPO) ValuePoint, The Interlocal Purchasing System (TIPS), OMNIA Partners, E&I Cooperative Services Contract and The Quilt contracts. “This partnership with Carahsoft and its network of reseller partners represents a pivotal advancement for our mission,” said…


Strivacity, a recognized leader in customer identity and access management (CIAM), and SDG Corporation, a premier provider of cybersecurity advisory, transformation, and managed services, announced a strategic partnership to help organizations modernize and simplify how they manage customer identities and access across digital channels. Enterprises are increasingly burdened by outdated login systems that frustrate users, lead to high abandonment rates, and introduce compliance complexity. By joining forces, Strivacity and SDG aim to eliminate these challenges through a powerful combination of low-code CIAM technology and proven implementation expertise, enabling secure, seamless sign-in experiences that drive user engagement and accelerate time to value.…


NordPass, a password manager and innovator of seamless authentication solutions, has introduced a unique, user-friendly dashboard that gives businesses control over all their shared credentials and folders. This new feature will give dedicated administrators in the organization the ability to oversee and modify permissions, as well as revoke access to those items from a centralized sharing control panel. “As organizations scale, credentials and other sensitive resources are frequently shared across teams informally or without consistent oversight. Without a centralized system to manage these interactions, organizations face several critical risks, like retaining access to sensitive resources for offboarded or role-changed users. Thus, the…


A server memory leak that allowed security researchers to quietly snoop on the recently disrupted DanaBot Russian malware-as-a-service (MaaS) operation for nearly three years has once again shown how much threat actors can sometimes give away when their own security slips.

The bug, dubbed “DanaBleed” by researchers at Zscaler who uncovered it, exposed sensitive data straight from DanaBot’s command-and-control (C2) servers and included private keys, victim details, infection statistics, malware updates, and even bits of the attackers’ infrastructure setup.

Unexpected Windfall

Unexpected windfalls like these have been surfacing with surprising regularity in recent months, with cybercrime groups tripping over their own operational missteps.…


Cyber threats are accelerating, but many small and medium-sized businesses (SMBs) are stuck in neutral. Despite increasing awareness and rising investment in cybersecurity, too few are making the leap from confidence to capability. In fact, 71% of SMBs say they feel confident in handling a major cybersecurity incident – yet only 22% report having an advanced cybersecurity posture, according to Devolutions’ newly released report, “The State of IT Security for SMBs in 2025.” Based on input from 445 IT, security and executive professionals around the world, the report reveals that this gap between perception and reality is leaving many SMBs vulnerable – particularly…


Lost your phone? Simply reach out to trusted contacts to securely and instantly recover your credentials. Losing access to all of your online accounts is a nightmare scenario. Allthenticate, a Houston-based cybersecurity company, is debuting Rescue Missions, a recovery mechanism that lets users back up their credentials on the phones of their friends and family, ensuring that their identities are safe, their login credentials are never lost, and their security is in the hands of the people that they personally trust. Backed by Rescue Missions, Allthenticate turns smartphones into powerful, all-in-one…


Essential Insights

Resumed Services: Marks & Spencer has reinstated limited online ordering for standard delivery to England, Wales, and Scotland following a significant cyberattack in April.

Cyberattack Costs: The retailer anticipates incurring around $400 million in costs related to the cyberattack, attributed to the Scattered Spider threat group.

Ongoing Challenges: International deliveries and several services, including next-day and Click & Collect, will take additional weeks to resume.

Upgrading Technology: M&S plans to enhance technology platforms in response to the attack, which also affected food sales, indicating a commitment to improve resilience against future cyber threats.

Resumption of Online Operations

Marks…


Latest GenAI innovations significantly enhance customer productivity and efficiency

Orca Security, the leading innovator in agentless cloud security, launched the latest innovations for Orca AI and new detections to secure sensitive AI training data in cloud-native environments. Orca AI now provides instant access to deep cloud telemetry from the Orca Unified Data Model through a simple, intuitive, chat-like experience to quickly and easily understand cloud security risks and compliance gaps. Orca’s approach is built on a vision of making cloud security easy for everyone who uses the Orca Cloud Security platform. The foundation is Orca’s patented SideScanning and Unified Data…


Fast Facts

Security Debt Crisis: Government agencies carry significant "security debt," with 80% having unaddressed software vulnerabilities for over a year, exposing them to elevated risks from cyberattacks.

Slow Resolution Process: On average, government agencies take 315 days to resolve half of their software vulnerabilities, notably longer than the combined public- and private-sector average of 252 days.

Legacy System Challenges: Many agencies rely on outdated applications and legacy frameworks, hindering their ability to identify and remediate vulnerabilities promptly.

Budget Constraints: Ongoing budget cuts and limited personnel contribute to the inability of agencies to prioritize and address critical vulnerabilities effectively, increasing…


ThreatConnect, maker of leading threat and risk-informed defense solutions, announced that it has achieved FedRAMP Authorization status for its threat intelligence platform. This marks a significant milestone in the company’s efforts to meet the rigorous security standards required for federal government cloud services. FedRAMP, the Federal Risk and Authorization Management Program, is a government-wide program designed to provide a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services used by federal agencies. The FedRAMP Authorized designation indicates that government agencies can confidently…
