Datastream
Enterprise Content
Microsoft Licensing (CSP)
verify explicitly
Zero Trust Cybersecurity
12 December 2025
The sheer scope of cybercrime can be hard to fathom, even when you live and breathe it every day. It’s not just the volume of data, but also the extent […]
12 December 2025
Cybersecurity researchers are calling attention to a new campaign that’s leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. “These repositories, often themed […]
12 December 2025
12 December 2025
Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found
12 December 2025
Analyst firm Gartner has issued a blunt warning to organizations: Agentic AI browsers introduce serious new security risks and should be blocked “for the foreseeable future.” Read more in my […]
12 December 2025
Introduction A typical phishing attack involves a user clicking a fraudulent link and entering their credentials on a scam website. However, the attack is far from over at that point. […]
12 December 2025
In the Microsoft Windows ecosystem, DLLs (Dynamic Load Libraries) are PE files like regular programs. One of the main differences is that they export functions that can be called by […]
12 December 2025
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
12 December 2025
A month with no Critical-severity Windows bugs is overshadowed by a mass of Mariner mop-up
11 December 2025
I have long maintained that smart contracts are a dumb idea: that a human process is actually a security feature. Here’s some interesting research on training AIs to automatically exploit […]
11 December 2025
11 December 2025
Being seen as reliable is good for ‘business’ and ransomware groups care about ‘brand reputation’ just as much as their victims
11 December 2025
This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants […]
11 December 2025
Post-exploitation frameworks Threat actors frequently employ post-exploitation frameworks in cyberattacks to maintain control over compromised hosts and move laterally within the organization’s network. While they once favored closed-source frameworks, such […]
11 December 2025
Several months ago, I got a Nucbox K8 Plus minicomputer to use as a Proxmox 9 server. At the time of this acquisition, I didn’t realize this minicomputer had an […]
11 December 2025
On this week’s show we learn that AI really can be a stalker’s best friend, as we explore a strange tale that starts with a manatee-shaped mailbox on a millionaire’s […]
10 December 2025
React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of previously undocumented malware […]
10 December 2025
10 December 2025
Interpreting the vast cybersecurity vendor landscape through the lens of industry analysts and testing authorities can immensely enhance your cyber-resilience.
10 December 2025
A major milestone: Sophos XDR delivers 100% detection coverage in the latest ATT&CK Evaluation.
10 December 2025
The FBI is warning of AI-assisted fake kidnapping scams: Criminal actors typically will contact their victims through text message claiming they have kidnapped their loved one and demand a ransom […]