Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

The Mega Impact of AI-Driven Disinformation Campaigns

The amount of money to run an AI-based disinformation campaign is miniscule compared to the influence the campaign can have on society. As I noted in my recent SecurityWeek piece “Preparing Society for AI-Based Disinformation Campaigns in the 2024 US Elections”, there are four common steps in these efforts: Reconnaissance, content creation, amplification and actualization.

Bringing the Light into the Dark Places: Invisible Threats, Visible Solutions

What is the biggest cybersecurity challenge facing companies worldwide? The answer may vary depending on who you ask, but one indisputable fact remains clear: “What you can’t see, can and will hurt you.” Cyber threats lurk in the depths of the digital world, constantly evolving, poised to strike unsuspecting victims. They often strike by compromising unseen connected devices which, experience has proven, represent up to 50% of all devices on a network.*

Department of Justice disrupts Moobot botnet commandeered by Russian APT28: analysis of attacks against routers and malware samples

On February 15, the US Department of Justice announced “Operation Dying Ember”: the takedown of a botnet controlled by APT28, the Russian military cyber threat actor also known as Fancy Bear. APT28 was previously known for developing the VPNFilter botnet, which targeted routers and network attached storage devices and was also disrupted by the DoJ in 2018.

Why should OT Companies follow NIS2: Safeguarding Critical Infrastructure in a Digitally Connected Era

The digital transformation of industrial landscapes has brought unprecedented advancements in efficiency and productivity for Operational Technology (OT) companies. But this surge in connectivity exposes critical infrastructure to heightened cybersecurity risks, such as: To address these risks, OT companies should adhere to the guidelines in the European Union’s Directive on Security of Network and Information Systems (NIS2).

2023 Global Threat Roundup: Trends in Cyberattacks, Exploits and Malware

Our inaugural 2022 threat roundup report started by observing that “the year 2022 was eventful for cybersecurity.” As you can imagine, 2023 was no less eventful. Some of the key events included ongoing conflicts and the appearance of new ones, the emergence of critical vulnerabilities being mass exploited and the ever-increasing threat of cybercrime.

The Road Ahead: What Awaits in the Era of AI-Powered Cyberthreats?

Artificial intelligence (AI) is rapidly infiltrating the business world and our daily lives. While revolutionizing how – and how efficiently – work gets done, it also introduces a new set of cybersecurity challenges. In response to the evolving, AI-shaped threat landscape, I foresee organizations adopting robust countermeasures.

Clearing the Fog of War - A critical analysis of recent energy sector cyberattacks in Denmark and Ukraine

The “fog of war” is a military term used to denote the uncertainty and confusion experienced on the battlefield. During periods of growing geopolitical conflict, it becomes increasingly hard to keep pace with new developments.

SOC Efficiency is the New Imperative

The cybersecurity landscape is currently undergoing significant changes. Many organizations have followed the guidance of analysts by investing in top-of-the-line products and solutions. However, they are now facing unexpected challenges. These challenges include steep financial burdens, a lack of the expected return on investment, and the persistent ability of hackers to breach their security defenses.

Forescout Vedere Labs discloses 21 new vulnerabilities affecting OT/IoT routers

Forescout Vedere Labs has identified a total of 21 new vulnerabilities affecting Sierra Wireless AirLink cellular routers and some of its open source components such as TinyXML and OpenNDS, which are used in a variety of other products.