The weekend is prime time for ransomware
Over half of organizations that experienced a ransomware event in the past year were hit during a weekend or holiday, according to a Semperis report. Those periods often come …
Week in review: Fake “Windows Update” fuels malware, Salesforce details Gainsight breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Quantum encryption is pushing satellite hardware to its limits In this Help …
Social data puts user passwords at risk in unexpected ways
Many CISOs already assume that social media creates new openings for password guessing, but new research helps show what that risk looks like in practice. The findings reveal …
New observational auditing framework takes aim at machine learning privacy leaks
Machine learning (ML) privacy concerns continue to surface, as audits show that models can reveal parts of the labels (the user’s choice, expressed preference, or the result …
Why password management defines PCI DSS success
Most CISOs spend their days dealing with noisy dashboards and vendor pitches that all promise a shortcut to compliance. It can be overwhelming to sort out what matters. When …
Fragmented tooling slows vulnerability management
Security leaders know vulnerability backlogs are rising, but new data shows how quickly the gap between exposures and available resources is widening, according to a new …
Infosec products of the month: November 2025
Here’s a look at the most interesting products from the past month, featuring releases from: 1touch.io, Action1, Barracuda Networks, Bedrock Data, Bitdefender, Cyware, …
Hottest cybersecurity open-source tools of the month: November 2025
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Heisenberg: …
Your critical infrastructure is running out of time
Cyber attackers often succeed not because they are inventive, but because the systems they target are old. A new report by Cisco shows how unsupported technology inside …
The identity mess your customers feel before you do
Customer identity has become one of the most brittle parts of the enterprise security stack. Teams know authentication matters, but organizations keep using methods that …
Criminal networks industrialize payment fraud operations
Fraud operations are expanding faster than payment defenses can adjust. Criminal groups function like coordinated businesses that develop tools, automate tasks, and scale …
Gainsight breach: Salesforce details attack window, issues investigation guidance
The number of Salesforce customers affected by the recent compromise of Gainsight-published applications is yet to be publicly confirmed, but Salesforce released indicators of …