Lawmakers Want to Ban VPNs—And They Have No Idea What They're Doing
It's unfortunately no longer enough to force websites to check your government-issued ID before you can access certain content, because politicians have now discovered that people are using Virtual
Compromised Credentials Responsible for 50% of Ransomware Attacks
The statistics listed in the Quarterly Threat Report: Third Quarter, 2025, issued by Beazley Security are eye popping. They include: August and September
Researchers have recently identified severe vulnerabilities in the AI browser Comet, raising significant concerns about the security of AI-integrated browsing tools. This discovery highlights ongoing risks in browser technologies, echoing earlier findings by Google researchers who identified a new Chrome zero-day vulnerability. Additionally, flaws in the CVSS vulnerability scoring system have been exposed, potentially undermining […]
Video game chat platform tells users that driver’s licences and passports were among the forms of data accessed via a third-party customer service provider
Phantom Hacker Fraud: The Corporate Risk You're Not Monitoring
The Phantom Hacker scam exposes a growing threat where executive personal account breaches become corporate cybersecurity and eDiscovery crises. Learn why legal tech leaders must act now.
Before You Hit ‘Record’: Legal Risks In Using AI Notetaking Tools
You may have asked a team member or associate to jot down notes during a Zoom call, only to find that they struggled to capture every key point while...
Why IT Security and IT Operations Are Converging (+ What It Means for Your Business)
Understand the convergence of IT security and operations, its benefits, and key metrics like MTTI, MTTC, MTTD, and MTTR for enhanced resilience and faster incident response in your IT environment.
US National Security Advisor Mike Waltz, who started the now-infamous group chat coordinating a US attack against the Yemen-based Houthis on March 15, is seemingly now suggesting that the secure messaging service Signal has security vulnerabilities. "I didn’t see this loser in the group," Waltz told Fox News about Atlantic editor in chief Jeffrey Goldberg, whom Waltz invited to the chat. "Whether he did it deliberately or it happened in some other technical mean, is something we’re trying to figure out." Waltz’s implication that Goldberg may have hacked his way in was followed by a ...
Hackers stole this engineer's 1Password database. Could it happen to you?
A software engineer for the Disney Company unwittingly downloaded a piece of malware that turned his life upside down. Was his password manager to blame?
An iCloud Backdoor Would Make Our Phones Less Safe
Last month, the UK government demanded that Apple weaken the security of iCloud for users worldwide. On Friday, Apple took steps to comply for users in the United Kingdom. But the British law is written in a way that requires Apple to give its government access to anyone, anywhere in the world. If the government demands Apple weaken its security worldwide, it would increase everyone’s cyber-risk in an already dangerous world. If you’re an iCloud user, you have the option of turning on something called “advanced data protection,” or ADP. In that mode, a majority of your data is end-to-end encrypted. This means that no one, not even anyone at Apple, can read that data. It’s a restriction enforced by mathematics—cryptography—and not policy. Even if someone successfully hacks iCloud, they can’t read ADP-protected data...
The Washington Post is reporting that the UK government has served Apple with a “technical capability notice” as defined by the 2016 Investigatory Powers Act, requiring it to break the Advanced Data Protection encryption in iCloud for the benefit of law enforcement. This is a big deal, and something we in the security community have worried was coming for a while now. The law, known by critics as the Snoopers’ Charter, makes it a criminal offense to reveal that the government has even made such a demand. An Apple spokesman declined to comment...
Insider Threats: The Overlooked Risks of Departing Employees and Sensitive Data Theft
Insider threats continue to present a significant challenge for organizations of all sizes. One particularly concerning scenario involves employees who
The Psychology of Phishing: Why Smart People Fall for Scams
Do you know that feeling of dread when you realize you’ve clicked on a suspicious link? I know it perfectly. It has happened to me several times in the last year! The positive aspect of it is that it…
Is End-User Cybersecurity Training Useless? Spoiler Alert: It’s Not!
Chris Clements, VP of Solutions Architecture Because of the frequency of phishing attacks landing in user mailboxes and the severity of the consequences of a user falling for a lure, any improvement at all can make the difference between an organization suffering a breach. Detrimental Best Practices One of my biggest pet peeves is compulsory The post Is End-User Cybersecurity Training Useless? Spoiler Alert: It’s Not! appeared first on CISO Global.
