“Cyber warfare is as much about psychological strategy as technical prowess.”
― James Scott
-
What is phishing? Understanding enterprise phishing threats
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person to trick users into revealing sensitive information.Read More
-
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign [email protected] (The Hacker News)
Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus hacking groups. The Operational Relay Box (ORB) network has been codenamed LapDogs by SecurityScorecard’s STRIKE team. “The LapDogs network has a high concentration…
-
The CISO evolution: From security gatekeeper to strategic leader
Amid accelerating digital transformation and growing regulatory pressure, leading CISOs have emerged from behind the scenes and taken the stage as influential business leaders.Read More
-
SBOM formats explained: Guide for enterprises
SBOMs inventory software components to help enhance security by tracking vulnerabilities. Teams have three standard SBOM formats to choose from: CycloneDX, SPDX and SWID tags.Read More
-
PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack [email protected] (The Hacker News)
A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community. The spear-phishing attacks leveraged topics related to Tibet, such as the 9th World Parliamentarians’ Convention on Tibet (WPCT), China’s education policy in the Tibet Autonomous Region (TAR), and a recently published book by…
-
What is a virtual CISO (vCISO)? Does your business need one?
The virtual chief information security officer (vCISO) is a C-suite-level security professional or service provider who offers CISO-level expertise on a part-time, remote or contractual basis.Read More
-
Business Case for Agentic AI SOC Analysts [email protected] (The Hacker News)
Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today’s security leaders are expected to reduce risk and deliver results without relying on larger teams or increased spending. At the same time, SOC inefficiencies are draining resources. Studies show…
-
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit [email protected] (The Hacker News)
A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit. The activity has been attributed with medium confidence to a Chinese hacking group called Silver Fox (aka Void Arachne), citing similarities in tradecraft with previous campaigns attributed…
-
MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted [email protected] (The Hacker News)
Threat intelligence firm GreyNoise is warning of a “notable surge” in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing for another mass exploitation campaign or probing for unpatched systems.MOVEit Transfer is a popular managed file transfer solution used by businesses and government agencies to share sensitive dataRead…
-
OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors [email protected] (The Hacker News)
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors. “The campaign exhibits characteristics aligned with Chinese-affiliated threat actors, though attribution remains cautious,” Trellix researchers Nico PauloRead More
“Security used to be an inconvenience sometimes, but now it’s a necessity all the time.”
― Martina Navratilova