Datastream
Enterprise Content
Microsoft Licensing (CSP)
verify explicitly
Zero Trust Cybersecurity
4 November 2025
Think you could never fall for an online scam? Think again. Here’s how scammers could exploit psychology to deceive you – and what you can do to stay one step […]
4 November 2025
Tanya Janca is a globally recognized AppSec (application security) expert and founder of We Hack Purple. In this episode, she shares wild stories from the front lines of cybersecurity. She […]
3 November 2025
Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck. According to Secure Annex’s John Tuckner, the extension in […]
3 November 2025
XWiki describes itself as “The Advanced Open-Source Enterprise Wiki” and considers itself an alternative to Confluence and MediaWiki. In February, XWiki released an advisory (and patch) for an arbitrary remote code […]
3 November 2025
These days, the most important meeting attendee isn’t a person: It’s the AI notetaker. This system assigns action items and determines the importance of what is said. If it becomes […]
3 November 2025
3 November 2025
When every minute counts, preparation and precision can mean the difference between disruption and disaster
3 November 2025
The 2 billion email address stealer log breach I talk about this week is almost ready to go at the time of writing. It’s been massively time-consuming, massively expensive (we […]
2 November 2025
A Ukrainian man indicted in 2012 for conspiring with a prolific hacking group to steal tens of millions of dollars from U.S. businesses was arrested in Italy and is now […]
1 November 2025
The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks targeting unpatched Cisco IOS XE devices in the country with a previously undocumented implant known as BADCANDY. […]
1 November 2025
Post Content
31 October 2025
I can’t believe that I haven’t yet posted this picture of a giant squid at the Smithsonian. As usual, you can also use this squid post to talk about the […]
31 October 2025
OpenAI has announced the launch of an “agentic security researcher” that’s powered by its GPT-5 large language model (LLM) and is programmed to emulate a human expert capable of scanning, […]
31 October 2025
Debates over the effectiveness of phishing simulations are widespread. Sophos X-Ops looks at the arguments for and against – and our own phishing philosophy
31 October 2025
31 October 2025
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
30 October 2025
The threat group targeted a LANSCOPE zero-day vulnerability (CVE-2025-61932)
30 October 2025
Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 billion suspected malicious calls and messages every month. The tech […]
30 October 2025
The UK Information Commissioner’s Office (ICO) has levied a fine of £200,000 against a sole trader who sent almost one million spam text messages to people across the country – […]
30 October 2025
This week, I noticed some new HTTP request headers that I had not seen before: X-Request-Purpose: Research and X-Hackerone-Research: plusultra X-Bugcrowd-Ninja: plusultra X-Bug-Hunter: true The purpose of these headers appears […]
30 October 2025
Interesting article about the arms race between AI systems that invent/design new biological pathogens, and AI systems that detect them before they’re created: The team started with a basic test: […]