Amazon Web Services (AWS) recommends using AWS IAM Identity Center to provide your workforce access to AWS managed applications—such as Amazon Q Developer—and AWS accounts. Today, we announced IAM Identity Center support for IPv6. To learn more about the advantages of IPv6, visit the IPv6 product page. When you enable IAM Identity center, it provides…
Category: Network Security
AI, Announcements, Apps, Compliance, Endpoint, Foundational (100), Global Security News, Launch, Network Security
IAM Identity Center now supports IPv6
Amazon Web Services (AWS) recommends using AWS IAM Identity Center to provide your workforce access to AWS managed applications—such as Amazon Q Developer—and AWS accounts. Today, we announced IAM Identity Center support for IPv6. To learn more about the advantages of IPv6, visit the IPv6 product page. When you enable IAM Identity center, it provides…
AI, Announcements, Apps, Compliance, Endpoint, Foundational (100), Global Security News, Launch, Network Security
IAM Identity Center now supports IPv6
Amazon Web Services (AWS) recommends using AWS IAM Identity Center to provide your workforce access to AWS managed applications—such as Amazon Q Developer—and AWS accounts. Today, we announced IAM Identity Center support for IPv6. To learn more about the advantages of IPv6, visit the IPv6 product page. When you enable IAM Identity center, it provides…
AI, Announcements, Apps, Compliance, Endpoint, Foundational (100), Global Security News, Launch, Network Security
IAM Identity Center now supports IPv6
Amazon Web Services (AWS) recommends using AWS IAM Identity Center to provide your workforce access to AWS managed applications—such as Amazon Q Developer—and AWS accounts. Today, we announced IAM Identity Center support for IPv6. To learn more about the advantages of IPv6, visit the IPv6 product page. When you enable IAM Identity center, it provides…
AI, Announcements, Apps, Compliance, Endpoint, Foundational (100), Global Security News, Launch, Network Security
IAM Identity Center now supports IPv6
Amazon Web Services (AWS) recommends using AWS IAM Identity Center to provide your workforce access to AWS managed applications—such as Amazon Q Developer—and AWS accounts. Today, we announced IAM Identity Center support for IPv6. To learn more about the advantages of IPv6, visit the IPv6 product page. When you enable IAM Identity center, it provides…
AI, Blog, CVE, CVEs, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-20045: Critical Zero-Day in Cisco Products Is Actively Exploited in the Wild
Hot on heels of the DoS vulnerability in Palo Alto Networks’ GlobalProtect (CVE-2026-0227), security professionals are facing another major challenge. This time, Cisco announced that several of its unified communications products are affected by a critical remote code execution (RCE) vulnerability. If successfully exploited, the flaw enables hackers to execute malicious commands on the underlying…
AI, Blog, CVE, CVEs, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-20045: Critical Zero-Day in Cisco Products Is Actively Exploited in the Wild
Hot on heels of the DoS vulnerability in Palo Alto Networks’ GlobalProtect (CVE-2026-0227), security professionals are facing another major challenge. This time, Cisco announced that several of its unified communications products are affected by a critical remote code execution (RCE) vulnerability. If successfully exploited, the flaw enables hackers to execute malicious commands on the underlying…
AI, Blog, CVE, CVEs, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-20045: Critical Zero-Day in Cisco Products Is Actively Exploited in the Wild
Hot on heels of the DoS vulnerability in Palo Alto Networks’ GlobalProtect (CVE-2026-0227), security professionals are facing another major challenge. This time, Cisco announced that several of its unified communications products are affected by a critical remote code execution (RCE) vulnerability. If successfully exploited, the flaw enables hackers to execute malicious commands on the underlying…
AI, Blog, CVE, CVEs, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-20045: Critical Zero-Day in Cisco Products Is Actively Exploited in the Wild
Hot on heels of the DoS vulnerability in Palo Alto Networks’ GlobalProtect (CVE-2026-0227), security professionals are facing another major challenge. This time, Cisco announced that several of its unified communications products are affected by a critical remote code execution (RCE) vulnerability. If successfully exploited, the flaw enables hackers to execute malicious commands on the underlying…
AI, Blog, CVE, CVEs, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-20045: Critical Zero-Day in Cisco Products Is Actively Exploited in the Wild
Hot on heels of the DoS vulnerability in Palo Alto Networks’ GlobalProtect (CVE-2026-0227), security professionals are facing another major challenge. This time, Cisco announced that several of its unified communications products are affected by a critical remote code execution (RCE) vulnerability. If successfully exploited, the flaw enables hackers to execute malicious commands on the underlying…
AI, Apps, Europe, Global Security News, My Take, Network Security, Top Stories
MY TAKE: From ‘holy mackeral’ to ‘daily routine’ — AI vendors maneuver to commandeer your life
An email from Claude landed in my inbox Friday morning with a subject line that stopped me cold: “Using Claude for your everyday life.” Related: AI’s fortune teller effect Not “Unlock the power of AI” or “Transform your productivity.” Just… everyday life. Meal planning. Learning Spanish. Vacation planning. The kind of stuff you’d chat about…
AI, Blog, CVE, CVEs, Cybersecurity, Denial of Service, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption
Shortly after Microsoft’s massive January Patch Tuesday release addressing the CVE-2026-20805 zero-day vulnerability in Windows Desktop Window Manager, another technology giant has issued a security fix. This time, Palo Alto Networks has warned of a high-severity flaw affecting its GlobalProtect Gateway and Portal, noting that a proof-of-concept (PoC) exploit is available. GlobalProtect is Palo Alto…
AI, Blog, CVE, CVEs, Cybersecurity, Denial of Service, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption
Shortly after Microsoft’s massive January Patch Tuesday release addressing the CVE-2026-20805 zero-day vulnerability in Windows Desktop Window Manager, another technology giant has issued a security fix. This time, Palo Alto Networks has warned of a high-severity flaw affecting its GlobalProtect Gateway and Portal, noting that a proof-of-concept (PoC) exploit is available. GlobalProtect is Palo Alto…
AI, Blog, CVE, CVEs, Cybersecurity, Denial of Service, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption
Shortly after Microsoft’s massive January Patch Tuesday release addressing the CVE-2026-20805 zero-day vulnerability in Windows Desktop Window Manager, another technology giant has issued a security fix. This time, Palo Alto Networks has warned of a high-severity flaw affecting its GlobalProtect Gateway and Portal, noting that a proof-of-concept (PoC) exploit is available. GlobalProtect is Palo Alto…
AI, Blog, CVE, CVEs, Cybersecurity, Denial of Service, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption
Shortly after Microsoft’s massive January Patch Tuesday release addressing the CVE-2026-20805 zero-day vulnerability in Windows Desktop Window Manager, another technology giant has issued a security fix. This time, Palo Alto Networks has warned of a high-severity flaw affecting its GlobalProtect Gateway and Portal, noting that a proof-of-concept (PoC) exploit is available. GlobalProtect is Palo Alto…
AI, Blog, CVE, CVEs, Cybersecurity, Denial of Service, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption
Shortly after Microsoft’s massive January Patch Tuesday release addressing the CVE-2026-20805 zero-day vulnerability in Windows Desktop Window Manager, another technology giant has issued a security fix. This time, Palo Alto Networks has warned of a high-severity flaw affecting its GlobalProtect Gateway and Portal, noting that a proof-of-concept (PoC) exploit is available. GlobalProtect is Palo Alto…
Global Security News, Network Security, social media
Why LinkedIn is a hunting ground for threat actors – and how to protect yourself
The business social networking site is a vast, publicly accessible database of corporate information. Don’t believe everyone on the site is who they say they are.
AI, Compliance, Data Breaches, Global Security News, malware, Network Security, privacy
From Instagram panic to Grok gone wild
Confusion reigns after claims that data linked to 17.5 million Instagram accounts is up for sale – sparked by a vague post, contradictory statements, and a flood of password reset emails nobody asked for. And we dig into Grok, Elon Musk’s AI chatbot, after it started generating sexualised images of women and children – raising…
AI, Apps, APT, Blog, CERT-UA, CVEs, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Pluggyape, Risk Management, Russia
UAC-0190 Attack Detection: Fake Charity Lures Used to Deploy the PLUGGYAPE Backdoor Against the Ukrainian Armed Forces
On January 12, 2026, the CERT-UA team disclosed a targeted cyber-espionage campaign against the Ukrainian Armed Forces that abused charity-themed social engineering to deliver the PLUGGYAPE backdoor. The activity, observed between October and December 2025, is attributed with medium confidence to the russia-aligned threat actor known as Void Blizzard (Laundry Bear), tracked by CERT-UA as…
AI, Apps, APT, Blog, CERT-UA, CVEs, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Pluggyape, Risk Management, Russia
UAC-0190 Attack Detection: Fake Charity Lures Used to Deploy the PLUGGYAPE Backdoor Against the Ukrainian Armed Forces
On January 12, 2026, the CERT-UA team disclosed a targeted cyber-espionage campaign against the Ukrainian Armed Forces that abused charity-themed social engineering to deliver the PLUGGYAPE backdoor. The activity, observed between October and December 2025, is attributed with medium confidence to the russia-aligned threat actor known as Void Blizzard (Laundry Bear), tracked by CERT-UA as…
AI, Apps, APT, Blog, CERT-UA, CVEs, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Pluggyape, Risk Management, Russia
UAC-0190 Attack Detection: Fake Charity Lures Used to Deploy the PLUGGYAPE Backdoor Against the Ukrainian Armed Forces
On January 12, 2026, the CERT-UA team disclosed a targeted cyber-espionage campaign against the Ukrainian Armed Forces that abused charity-themed social engineering to deliver the PLUGGYAPE backdoor. The activity, observed between October and December 2025, is attributed with medium confidence to the russia-aligned threat actor known as Void Blizzard (Laundry Bear), tracked by CERT-UA as…
AI, Amazon GuardDuty, APAC, Apps, Compliance, Cybersecurity, Endpoint, Expert (400), Exploits, Global Security News, malware, Network Security, Risk Management, Security, Security, Identity, & Compliance
Real-time malware defense: Leveraging AWS Network Firewall active threat defense
Cyber threats are evolving faster than traditional security defense can respond; workloads with potential security issues are discovered by threat actors within 90 seconds, with exploitation attempts beginning within 3 minutes. Threat actors are quickly evolving their attack methodologies, resulting in new malware variants, exploit techniques, and evasion tactics. They also rotate their infrastructure—IP addresses,…
AI, Amazon GuardDuty, APAC, Apps, Compliance, Cybersecurity, Endpoint, Expert (400), Exploits, Global Security News, malware, Network Security, Risk Management, Security, Security, Identity, & Compliance
Real-time malware defense: Leveraging AWS Network Firewall active threat defense
Cyber threats are evolving faster than traditional security defense can respond; workloads with potential security issues are discovered by threat actors within 90 seconds, with exploitation attempts beginning within 3 minutes. Threat actors are quickly evolving their attack methodologies, resulting in new malware variants, exploit techniques, and evasion tactics. They also rotate their infrastructure—IP addresses,…
AI, Amazon GuardDuty, APAC, Apps, Compliance, Cybersecurity, Endpoint, Expert (400), Exploits, Global Security News, malware, Network Security, Risk Management, Security, Security, Identity, & Compliance
Real-time malware defense: Leveraging AWS Network Firewall active threat defense
Cyber threats are evolving faster than traditional security defense can respond; workloads with potential security issues are discovered by threat actors within 90 seconds, with exploitation attempts beginning within 3 minutes. Threat actors are quickly evolving their attack methodologies, resulting in new malware variants, exploit techniques, and evasion tactics. They also rotate their infrastructure—IP addresses,…
AI, Amazon GuardDuty, APAC, Apps, Compliance, Cybersecurity, Endpoint, Expert (400), Exploits, Global Security News, malware, Network Security, Risk Management, Security, Security, Identity, & Compliance
Real-time malware defense: Leveraging AWS Network Firewall active threat defense
Cyber threats are evolving faster than traditional security defense can respond; workloads with potential security issues are discovered by threat actors within 90 seconds, with exploitation attempts beginning within 3 minutes. Threat actors are quickly evolving their attack methodologies, resulting in new malware variants, exploit techniques, and evasion tactics. They also rotate their infrastructure—IP addresses,…
AI, Amazon GuardDuty, APAC, Apps, Compliance, Cybersecurity, Endpoint, Expert (400), Exploits, Global Security News, malware, Network Security, Risk Management, Security, Security, Identity, & Compliance
Real-time malware defense: Leveraging AWS Network Firewall active threat defense
Cyber threats are evolving faster than traditional security defense can respond; workloads with potential security issues are discovered by threat actors within 90 seconds, with exploitation attempts beginning within 3 minutes. Threat actors are quickly evolving their attack methodologies, resulting in new malware variants, exploit techniques, and evasion tactics. They also rotate their infrastructure—IP addresses,…
AI, Amazon GuardDuty, APAC, Apps, Compliance, Cybersecurity, Endpoint, Expert (400), Exploits, Global Security News, malware, Network Security, Risk Management, Security, Security, Identity, & Compliance
Real-time malware defense: Leveraging AWS Network Firewall active threat defense
Cyber threats are evolving faster than traditional security defense can respond; workloads with potential security issues are discovered by threat actors within 90 seconds, with exploitation attempts beginning within 3 minutes. Threat actors are quickly evolving their attack methodologies, resulting in new malware variants, exploit techniques, and evasion tactics. They also rotate their infrastructure—IP addresses,…
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Three Benefits of Segmentation
The successful implementation of segmentation enables organizations to contain breaches, protect high-value assets, and meet compliance requirements.
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Three Benefits of Segmentation
The successful implementation of segmentation enables organizations to contain breaches, protect high-value assets, and meet compliance requirements.
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Three Benefits of Segmentation
The successful implementation of segmentation enables organizations to contain breaches, protect high-value assets, and meet compliance requirements.
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Three Benefits of Segmentation
The successful implementation of segmentation enables organizations to contain breaches, protect high-value assets, and meet compliance requirements.
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Three Benefits of Segmentation
The successful implementation of segmentation enables organizations to contain breaches, protect high-value assets, and meet compliance requirements.
AI, china, Compliance, Cybersecurity, Data Breaches, Global Security News, malware, Network Security, privacy, Venture
How to scam someone in seven days
Romance scammers have apparently discovered astrology… and Taurus is their secret weapon. In episode 449 of “Smashing Security”, we take a look inside an actual romance-fraud handbook – complete with scripts, personality “types”, corporate jargon, and a seven-day plan to get victims from hello to hand over the crypto. Then Lesley “hacks4pancakes” Carhart delivers a…
AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…
AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…
AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…
AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…
AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…
AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…
AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…
AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…
AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…
AI, API security, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
From Agent2Agent Prompt Injection to Runtime Self-Defense: How Wallarm Redefines Agentic AI Security
Is an AI-to-AI attack scenario a science fiction possibility only for blockbusters like the Terminator series of movies? Well, maybe not! Researchers recently discovered that one AI agent can “inject malicious instructions into a conversation, hiding them among otherwise benign client requests and server responses.” While known AI threats involve tricking an agent with malicious…
AI, APAC, API security, Apps, Cybersecurity, Global Security News, Network Security
CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a…
AI, APAC, API security, Apps, Cybersecurity, Global Security News, Network Security
CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a…
AI, APAC, API security, Apps, Cybersecurity, Global Security News, Network Security
CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a…
AI, APAC, API security, Apps, Cybersecurity, Global Security News, Network Security
CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a…
AI, APAC, API security, Apps, Cybersecurity, Global Security News, Network Security
CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a…
AI, APAC, API security, Apps, Cybersecurity, Global Security News, Network Security
CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a…
AI, APAC, API security, Apps, Cybersecurity, Global Security News, Network Security
CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a…
AI, APAC, API security, Apps, Cybersecurity, Global Security News, Network Security
CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a…
AI, APAC, API security, Apps, Cybersecurity, Global Security News, Network Security
CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a…
china, ESET research, Global Security News, Government & Policy, Network Security
LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan
ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage tools across networks of governmental institutions
AI, Amazon GuardDuty, APAC, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security, Security, Identity, & Compliance
GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS
Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Compute Cloud (Amazon EC2). GuardDuty Extended Threat Detection was able to correlate signals…
AI, Amazon GuardDuty, APAC, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security, Security, Identity, & Compliance
GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS
Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Compute Cloud (Amazon EC2). GuardDuty Extended Threat Detection was able to correlate signals…
AI, Amazon GuardDuty, APAC, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security, Security, Identity, & Compliance
GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS
Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Compute Cloud (Amazon EC2). GuardDuty Extended Threat Detection was able to correlate signals…
AI, Amazon GuardDuty, APAC, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security, Security, Identity, & Compliance
GuardDuty Extended Threat Detection uncovers cryptomining campaign on Amazon EC2 and Amazon ECS
Amazon GuardDuty and our automated security monitoring systems identified an ongoing cryptocurrency (crypto) mining campaign beginning on November 2, 2025. The operation uses compromised AWS Identity and Access Management (IAM) credentials to target Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Compute Cloud (Amazon EC2). GuardDuty Extended Threat Detection was able to correlate signals…
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Key Challenges that Impede Segmentation Progress
The 2025 Cisco Segmentation Report shows that complexity, visibility, and context remain the main challenges for successful segmentation implementations.
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Key Challenges that Impede Segmentation Progress
The 2025 Cisco Segmentation Report shows that complexity, visibility, and context remain the main challenges for successful segmentation implementations.
AI, Apps, Best Practices, Cloud Security, Compliance, Cybersecurity, Exploits, Foundational (100), Global Security News, malware, Network Security, Security, Identity, & Compliance
What AWS Security learned from responding to recent npm supply chain threat campaigns
AWS incident response operates around the clock to protect our customers, the AWS Cloud, and the AWS global infrastructure. Through that work, we learn from a variety of issues and spot unique trends. Over the past few months, high-profile software supply chain threat campaigns involving third party software repositories have highlighted the importance of protecting…
AI, Apps, Best Practices, Cloud Security, Compliance, Cybersecurity, Exploits, Foundational (100), Global Security News, malware, Network Security, Security, Identity, & Compliance
What AWS Security learned from responding to recent npm supply chain threat campaigns
AWS incident response operates around the clock to protect our customers, the AWS Cloud, and the AWS global infrastructure. Through that work, we learn from a variety of issues and spot unique trends. Over the past few months, high-profile software supply chain threat campaigns involving third party software repositories have highlighted the importance of protecting…
AI, Apps, Best Practices, Cloud Security, Compliance, Cybersecurity, Exploits, Foundational (100), Global Security News, malware, Network Security, Security, Identity, & Compliance
What AWS Security learned from responding to recent npm supply chain threat campaigns
AWS incident response operates around the clock to protect our customers, the AWS Cloud, and the AWS global infrastructure. Through that work, we learn from a variety of issues and spot unique trends. Over the past few months, high-profile software supply chain threat campaigns involving third party software repositories have highlighted the importance of protecting…
AI, Apps, Best Practices, Endpoint, Europe, Exploits, Global Security News, Network Security, Risk Management, Russia, Security Blog, Security, Identity, & Compliance, Technical How-to, Thought Leadership
Amazon Threat Intelligence identifies Russian cyber threat group targeting Western critical infrastructure
As we conclude 2025, Amazon Threat Intelligence is sharing insights about a years-long Russian state-sponsored campaign that represents a significant evolution in critical infrastructure targeting: a tactical pivot where what appear to be misconfigured customer network edge devices became the primary initial access vector, while vulnerability exploitation activity declined. This tactical adaptation enables the same…
Global Security News, Network Security, Security
The Segmentation Cycle: A Practical Approach to Network Security
The segmentation journey starts with visibility, goes through identity context, policy and enforcement, ultimately returning to enhanced visibility.
AI, Compliance, Exploits, Global Security News, Government & Policy, Network Security, privacy
Grok the stalker, the Louvre heist, and Microsoft 365 mayhem
On this week’s show we learn that AI really can be a stalker’s best friend, as we explore a strange tale that starts with a manatee-shaped mailbox on a millionaire’s lawn and ends with Grok happily doxxing real people, mapping out stalking “strategies,” and handing out revenge-porn tips. Then we go inside the Louvre heist,…
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Segmentation Remains a Foundational Security Concept
The 2025 Cisco Segmentation Report shows that the concept’s adaptability makes it a foundational cornerstone for modern enterprise security strategies.
Global Security News, Network Security
Phishing, privileges and passwords: Why identity is critical to improving cybersecurity posture
Identity is effectively the new network boundary. It must be protected at all costs.
AI, API security, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Attackers Don’t Need to Breach Your API -They’ll Breach the Tools That Touch It
The API supply chain is the new security blind spot. Attackers no longer need to breach your APIs directly; they can target the third-party services that connect to them. These unmanaged dependencies are now the shortest path to your sensitive data. The recent Mixpanel incident is a stark reminder of that fact. What Happened During…
AI, API security, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Attackers Don’t Need to Breach Your API -They’ll Breach the Tools That Touch It
The API supply chain is the new security blind spot. Attackers no longer need to breach your APIs directly; they can target the third-party services that connect to them. These unmanaged dependencies are now the shortest path to your sensitive data. The recent Mixpanel incident is a stark reminder of that fact. What Happened During…
AI, API security, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Attackers Don’t Need to Breach Your API -They’ll Breach the Tools That Touch It
The API supply chain is the new security blind spot. Attackers no longer need to breach your APIs directly; they can target the third-party services that connect to them. These unmanaged dependencies are now the shortest path to your sensitive data. The recent Mixpanel incident is a stark reminder of that fact. What Happened During…
AI, API security, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Attackers Don’t Need to Breach Your API -They’ll Breach the Tools That Touch It
The API supply chain is the new security blind spot. Attackers no longer need to breach your APIs directly; they can target the third-party services that connect to them. These unmanaged dependencies are now the shortest path to your sensitive data. The recent Mixpanel incident is a stark reminder of that fact. What Happened During…
AI, API security, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Attackers Don’t Need to Breach Your API -They’ll Breach the Tools That Touch It
The API supply chain is the new security blind spot. Attackers no longer need to breach your APIs directly; they can target the third-party services that connect to them. These unmanaged dependencies are now the shortest path to your sensitive data. The recent Mixpanel incident is a stark reminder of that fact. What Happened During…
AI, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security, privacy
The hack that brought back the zombie apocalypse
America’s airwaves are haunted by zombies again, as we dig into a decade of broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency alerts, and even replace religious sermons with explicit furry podcasts. Meanwhile, we look at how a worker at a cybersecurity firm allegedly…
AI, API security, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
When your AI Assistant Becomes the Attacker’s Command-and-Control
Earlier this month, Microsoft uncovered SesameOp, a new backdoor malware that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. The discovery has drawn significant attention within the cybersecurity community. Security teams can no longer focus solely on endpoint malware. Attackers are weaponizing public and legitimate AI assistant APIs and defenders must adjust.…
AI, API security, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
When your AI Assistant Becomes the Attacker’s Command-and-Control
Earlier this month, Microsoft uncovered SesameOp, a new backdoor malware that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. The discovery has drawn significant attention within the cybersecurity community. Security teams can no longer focus solely on endpoint malware. Attackers are weaponizing public and legitimate AI assistant APIs and defenders must adjust.…
AI, API security, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
When your AI Assistant Becomes the Attacker’s Command-and-Control
Earlier this month, Microsoft uncovered SesameOp, a new backdoor malware that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. The discovery has drawn significant attention within the cybersecurity community. Security teams can no longer focus solely on endpoint malware. Attackers are weaponizing public and legitimate AI assistant APIs and defenders must adjust.…
AI, API security, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
When your AI Assistant Becomes the Attacker’s Command-and-Control
Earlier this month, Microsoft uncovered SesameOp, a new backdoor malware that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. The discovery has drawn significant attention within the cybersecurity community. Security teams can no longer focus solely on endpoint malware. Attackers are weaponizing public and legitimate AI assistant APIs and defenders must adjust.…
firewall, Global Security News, Hybrid Firewall, Network Security, Security
A Glimpse Into Cisco Mobile Infrastructure Security Developments
See how Cisco is helping mobile operators improve visibility, protect traffic at high speed, and keep security consistent from core to edge.
AI, Compliance, Cybersecurity, Data Breaches, Global Security News, malware, Network Security, privacy
We’re sorry. Wait, did a company actually say that?
Stop the press – a company has actually said “sorry” after a data breach, and hotels are helping hackers phish their own guests. In episode 444 of “Smashing Security” we examine a refreshingly honest breach response (and why legacy systems are still going to ruin your week), dig into a nasty hotel-booking malware campaign that…
china, ESET research, Global Security News, Network Security
PlushDaemon compromises network devices for adversary-in-the-middle attacks
ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform adversary-in-the-middle attacks
enterprise security, Global Security News, Indicators of Compromise IOC Security, Intrusion Detection, Network Security, Security
Seeing Inside the Vortex: Detecting Living off the Land Techniques
Networking infrastructure is an often-overlooked threat surface being targeted by sophisticated threat actors. Learn more about this topic.
AI, Compliance, Cybersecurity, Endpoint, Global Security News, malware, Network Security, privacy, Russia
Inside the mob’s million-dollar poker hack, and a Formula 1 fumble
Basketball stars have allegedly joined forces with the mafia to fleece high-rollers in a poker scam involving hacked shufflers, covert cameras, and an X-ray card table. Meanwhile, researchers have found they could poke around an FIA driver portal to pull up the personal details of Formula 1 megastars. Plus: Graham’s “Pick of the Week” turns…
AI, Exploits, Global Security News, malware, Network Security, Risk Management
HTTPS by default
One year from now, with the release of Chrome 154 in October 2026, we will change the default settings of Chrome to enable “Always Use Secure Connections”. This means Chrome will ask for the user’s permission before the first access to any public site without HTTPS. The “Always Use Secure Connections” setting warns users before…
AI, Exploits, Global Security News, malware, Network Security, Risk Management
HTTPS by default
One year from now, with the release of Chrome 154 in October 2026, we will change the default settings of Chrome to enable “Always Use Secure Connections”. This means Chrome will ask for the user’s permission before the first access to any public site without HTTPS. The “Always Use Secure Connections” setting warns users before…
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
2025 Cisco Segmentation Report Sheds Light on Evolving Technology
A new report from Cisco shows that segmentation is a foundational security technology, but few are fully implementing both macro- and micro-segmentation today.
AI, Apps, Compliance, Cybersecurity, data breach, Data Breaches, Exploits, F5, forensics, Global Security News, Government & Policy, Information Security, Network Security, Risk Management
Think Your Firewall Is Safe? The F5 Hack Proves It’s the Perfect Trojan Horse
In what is being described as one of the most consequential cyber-espionage operations of the year, US technology vendor F5 Networks has confirmed that nation-state threat actors successfully infiltrated its internal environment, stealing source code and vulnerability intelligence related to its flagship BIG-IP product line — a core networking and application delivery system used by…
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Defining a Standard Taxonomy for Segmentation
We need a standardized taxonomy so organizations can evaluate, implement and manage segmentation projects most effectively.
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Defining a Standard Taxonomy for Segmentation
We need a standardized taxonomy so organizations can evaluate, implement and manage segmentation projects most effectively.
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Defining a Standard Taxonomy for Segmentation
We need a standardized taxonomy so organizations can evaluate, implement and manage segmentation projects most effectively.
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Defining a Standard Taxonomy for Segmentation
We need a standardized taxonomy so organizations can evaluate, implement and manage segmentation projects most effectively.
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Defining a Standard Taxonomy for Segmentation
We need a standardized taxonomy so organizations can evaluate, implement and manage segmentation projects most effectively.
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Defining a Standard Taxonomy for Segmentation
We need a standardized taxonomy so organizations can evaluate, implement and manage segmentation projects most effectively.
Global Security News, microsegmentation, Network Security, Network Segmentation, Security
Defining a Standard Taxonomy for Segmentation
We need a standardized taxonomy so organizations can evaluate, implement and manage segmentation projects most effectively.
AI, Compliance, Global Security News, Network Security, privacy
Lights! Camera! Hacktion!
When “bad actors” stop being hackers and start being… actual actors. This week, Graham and special guest Jenny Radcliffe play “Hacker or Ham?” (yes, Steven Seagal, we’re looking at you), before diving into a campaign which saw an Iranian gang luring Israeli performers with fake casting calls for a serious film. We unpack why positive…
AI, Compliance, Global Security News, malware, Network Security, privacy
How hackers turned AI into their new henchman
Your AI reads the small print, and that’s a problem. This week in episode 433 of “Smashing Security” we dig into LegalPwn – malicious instructions tucked into code comments and disclaimers that sweet-talks AI into rubber-stamping dangerous payloads (or even pretending they’re a harmless calculator). Meanwhile, new research from Anthropic reveals that hackers have already…
Cisco Zero Trust, Global Security News, microsegmentation, Network Security, Security, zero trust network access ztna
Get Ahead of the HIPAA Security Rule Update With Secure Workload
Cisco Secure Workload is foundational for organizations seeking to implement an effective microsegmentation strategy. It empowers orgs to safeguard assets.
Cisco Zero Trust, Global Security News, microsegmentation, Network Security, Security, zero trust network access ztna
Get Ahead of the HIPAA Security Rule Update With Secure Workload
Cisco Secure Workload is foundational for organizations seeking to implement an effective microsegmentation strategy. It empowers orgs to safeguard assets.
Cisco Zero Trust, Global Security News, microsegmentation, Network Security, Security, zero trust network access ztna
Get Ahead of the HIPAA Security Rule Update With Secure Workload
Cisco Secure Workload is foundational for organizations seeking to implement an effective microsegmentation strategy. It empowers orgs to safeguard assets.
edge security, Global Security News, Network Security, Secure Access Service Edge (SASE), Security
Cisco and KDDI Partner to Deliver Japan’s First Fully Managed SASE Solution
Explore how service providers are enabling faster, scalable SASE adoption with cloud-native security and networking solutions.
edge security, Global Security News, Network Security, Secure Access Service Edge (SASE), Security
Cisco and KDDI Partner to Deliver Japan’s First Fully Managed SASE Solution
Explore how service providers are enabling faster, scalable SASE adoption with cloud-native security and networking solutions.
