If ever there were a lawsuit in which a jury and judge should have ruled against both the accuser and the defendants, Elon Musk’s suit against OpenAI and Microsoft was it. The high-profile legal battle pitted the world’s richest man against a company worth more than $3 trillion, another that might soon launch a $1…
Tag: there
AI, Apps, Cloud Security, Compliance, Exploits, Global Security News, malware, Risk Management
Well-architected best practices for software supply chain security
There have been multiple notable supply chain attacks using the npm Registry since September: Shai-Hulud, Chalk/Debug, one abusing tea.xyz tokens, and recently axios. Thanks to community efforts involving the Amazon Inspector team, the Open Source Security Foundation, and others, the affected packages were quickly flagged, which reduced the impact of these incidents. Supply chain attacks…
Global Security News
When Identity is the Attack Path
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do – a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single key, which was easily accessible to a minor-league attacker, could have…
AI, Cybersecurity, Global Security News
Cyber Pros Can’t Decide If AI Is a Good or a Bad Thing
There is nothing cybersecurity professionals are more excited about, and nothing they fear more, than AI.
AI, Cloud Security, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management
Why the best security investment a board can make in 2026 isn’t another tool
There is a conversation that happens in boardrooms every quarter that security leaders will recognize. The CISO presents the threat landscape. The board asks what the company needs. The answer, almost always, is another tool. Another platform, another module, another vendor to close the latest gap. The budget gets approved. The tool gets deployed. And…
AI, Global Security News
Jobs lost to AI could reappear elsewhere — and solidify AI-focused roles
There are conflicting signals about whether AI is creating or destroying jobs, though many companies have blamed the technology for recent cuts. Analysts and industry experts say the reality is more nuanced: jobs being lost now to AI will likely reappear elsewhere, especially for those with hands-on AI experience. In other words, while AI may…
AI, Global Security News
Oracle rolls out monthly security patch updates
Oracle is changing how its security fixes are delivered: starting in May 2026, there will be a monthly Critical Security Patch Update. “Each [monthly] CSPU is smaller and more focused, making it easier to apply critical fixes quickly [to customer-managed deployments],” Oracle says. Quarterly Critical Patch Updates (CPUs) remain in place and will continue to…
Global Security News
The AI Splurge Is Costing Big Tech Its Workforce
Layoffs might lift some efficiency measures, but there are other considerations.
AI, Global Security News, malware
A .WAV With A Payload, (Tue, Apr 21st)
There have been reports of threat actors using a .wav file as a vector for malware. It’s a proper .wav file, but they didn’t use staganography. The .wav file will play, but you’ll just hear noise: That’s because the TAs have just replaced the bytes that encode the sound with the BASE64 representation of their…
AI, Global Security News, Network Security
Network segmentation projects fail in predictable patterns
Most enterprise networks have segmentation on the roadmap. Many have had it there for years. A survey of 400 U.S.-based network security practitioners who lived through failed segmentation projects finds that failure clusters into four distinct patterns, and the type of failure a team experiences depends heavily on the kind of environment and approach they…
Global Security News
The hidden productivity cost of file format incompatibility in SMB environments
GUEST OPINION: SMBs have few resources, and efficiency is frequently a priority. Nonetheless, there is one issue that is still posing a challenge to workflows, and that is the incompatibility of file formats.
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
The zero-day timeline just collapsed. Here’s what security leaders do next
A zero-day is not frightening because it is sophisticated. It is frightening because it is unknown. There is no patch in the moment it matters most. That single condition undermines the comfort most security programs rely on: time. In the past, attackers didn’t need zero-days because they relied on predictable failures in patching and credential…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
The zero-day timeline just collapsed. Here’s what security leaders do next
A zero-day is not frightening because it is sophisticated. It is frightening because it is unknown. There is no patch in the moment it matters most. That single condition undermines the comfort most security programs rely on: time. In the past, attackers didn’t need zero-days because they relied on predictable failures in patching and credential…
Global Security News
Block the Prompt, Not the Work: The End of “Doctor No”
There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build. It doesn’t enable. Its entire function is to say “No.” No to ChatGPT. No to DeepSeek. No to the file-sharing tool the product team swears by. For years, this looked like security. But…
AI, Global Security News, Risk Management
AI threatens jobs that can be ‘unbundled’
There have been plenty of warnings about job losses due to AI, particularly in the world of IT and in the reduction of entry-level positions. Doom mongers’ claims that AI is going to eradicate all our jobs look to be exaggerated but there is little room for complacency as there are some roles most definitely…
AI, Cybersecurity, Global Security News
Is Gmail A Social Media? [Here’s The ANSWER]
There has been an unending debate regarding the media status of Gmail. Is Gmail a social media? A lot of internet users ask the question – is it social media or just another messaging platform? You will find out in this article. Social media has made the world a global village where you can connect…
AI, Global Security News, Risk Management
Severe Cyclone Narelle Category 5 Approaches with 260km/h Winds, as Readiness Becomes Critical
There is a particular kind of silence that settles over a community before a cyclone hits. It is not calm. It is anticipation. You hear it in the way people speak at the local servo, in the steady cadence of official briefings, in the quiet urgency of people preparing their homes. Far North Queensland is…
AI, Exploits, Global Security News
Fraudsters are using public planning records to target permit applicants
If you’re in the middle of applying for a planning or zoning permit, there is some unwelcome news: cyber-criminals have found a way to exploit the bureaucratic tedium of the process against you. Read more in my article on the Fortra blog.
Global Security News
What Is a Constituent Relationship Management Platform?
There are always organizations that want to build a stronger connection with their supporters, clients, or donors. A constituent relationship management platform enables you to cultivate these vital relationships. A system like this can consolidate information from all stakeholders into a single access point, enabling organizations to reach their audiences more effectively and, at the…
AI, Cybersecurity, Global Security News
The Multichain Trader’s Missing Tool Is Here. Banana Gun Built It.
In the latest development, the multichain trader’s missing tool is here and Banana Gun built it. There is a specific frustration that every serious on-chain trader knows. The token launch is on Solana. Your snipe bot is configured for Ethereum. By the time you switch sessions, the entry is gone. Banana Gun’s unified Telegram bot…
Global Security News
How Technology Is Quietly Transforming the Way Businesses Scale
There was a time when scaling a business meant opening a new location, hiring more staff, and spending heavily on infrastructure. Today, the rules have changed entirely. Technology has become the silent engine behind business growth, working in the background while entrepreneurs focus on what they do best. The transformation is not loud or dramatic…
AI, Cybersecurity, Global Security News, Russia
Notorious ransomware gang allegedly blackmailed by fake FSB officer
There is a certain poetic justice in a cybersecurity-related story that has emerged from Moscow this week: A man has been accused of trying to extort money… from a notorious Russian ransomware gang. Read more in my article on the Hot for Security blog.
Global Security News
How learning management system software integrates with HR and productivity tools
GUEST OPINION: Modern teams rely on a stack of digital tools. There is a platform for communication, like Slack or Teams. Another system handles HR data and payroll. Project management lives in Asana or Trello. And then there is the learning platform sitting alone in the corner.
AI, china, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia
The rise of the evasive adversary
Since the earliest days of the internet, there has never been a let-up in adversarial activity. According to CrowdStrike’s just-released 12th annual Global Threat Report, malicious activity in cyberspace continues to not only accelerate but also expand its scale and increasingly abuse the trust of targeted organizations. The good news is that, despite discussion of…
Global Security News
Why the future of business travel depends on HR and IT aligning
GUEST OPINION: For most organisations, there is a clear line between people and technology; HR shapes culture and policy, while systems and processes are governed by IT.
AI, Global Security News, Google, Productivity Software, Security, privacy, Risk Management
11 steps to smarter Google account security
There are important accounts to secure, and then there are important accounts to secure. Your Google account falls into that second category, maybe even with a couple of asterisks and some neon orange highlighting added in for good measure. I mean, really: When you stop and think about how much stuff is associated with that…
AI, Artificial Intelligence, Generative AI, Global Security News, Risk Management
AI chatbots are worse than search engines for medical advice
There is a clear gap between the theoretical medical knowledge of large language models (LLMs) and their practical usefulness for patients, according not a new study from the Oxford Internet Institute and the Nuffield Department of Primary Care Health Sciences at the University of Oxford. The research, conducted in collaboration with MLCommons and other institutions,…
AI, Apps, Email Clients, Microsoft 365, Microsoft Exchange, Office Suites, Productivity Software, Global Security News
After years of warnings, Microsoft is finally pulling the plug on EWS
It’s for real this time: After nearly 20 years, there will soon be no more Exchange Web Services (EWS) in Microsoft Exchange Online. The API will be disabled by default on October 1, 2026, and will be completely shut down on April 1, 2027, with “no exceptions.” Organizations must have switched to Microsoft Graph by…
AI, CryptoCurrency, dark web, Global Security News, Guest blog, Incognito Market, Law & order
Incognito Market admin sentenced to 30 years for running $105 million dark web drug empire
He promised “the best security there is” to hundreds of thousands of drug buyers, while quietly making the kind of mistake that guaranteed a 30-year sentence. And maybe training police on cryptocurrency while running a running a vast Tor-hidden drug bazaar wasn’t such a good idea. Read more in my article on the Hot for…
AI, Enterprise, Global Security News, Government & Policy, Meta, metaverse, News, Risk Management
Does Meta Have a Death Wish?
There are times when I’m convinced that Meta (formerly known as Facebook) has a death wish. The reasons include uneven moderation, large numbers of scam ads, a corporate structure that gives too much power to the CEO – who often seems out of control – and what appears to be a war on governments. None…
AI, Global Security News, Government & Policy, Risk Management
Does Meta Have a Death Wish?
There are times when I’m convinced that Meta (formerly known as Facebook) has a death wish. The reasons include uneven moderation, large numbers of scam ads, a corporate structure that gives too much power to the CEO – who often seems out of control – and what appears to be a war on governments. None…