Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DarkComet is a notorious Remote Access Trojan (RAT) malware employed in targeted attacks. It enables attackers to gain remote control over a victim’s computer, extract sensitive data, and conduct various malicious activities, including installing additional harmful software and creating botnets for spam distribution.

Protecting your organization from cyber threats and meeting compliance requirements is simpler than ever with the new Tripwire Enterprise 9.3 release, which includes the following enhancements.

In an April 2025 speech at the Exchequer Club, Acting Comptroller of the Currency Rodney Hood identified “expanding responsible bank activities involving digital assets” as one of the OCC’s top four strategic priorities.

The RSA Conference 2025-International Event was held at the San Francisco Moscone Center from April 28 to May 01, 2025. The previous promise turned into reality as more than 40,000 attendees-Namely, industry leaders, experts, vendors, and professionals worldwide-were drawn to the extremely lifelike conference that gave life to new ideas, innovations, and strategies to deal with the emerging cybersecurity threats challenges.

Partners in the defence supply chain, including manufacturers, distributors, and service providers, play a critical role in supporting national security initiatives. These entities frequently handle sensitive and classified information, which necessitates a robust framework of cybersecurity measures. To safeguard this sensitive data from potential breaches and cyber threats, they are required to adhere to stringent government-mandated cybersecurity protocols.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Can’t trust anyone any more…

For years, vulnerability scanners have been the cornerstone of enterprise security programs. But as organizations scaled, and as infrastructure, applications, and attack surfaces diversified, the single-scanner model broke down. Security teams now face a fragmented reality. Data pours in from dozens of sources: endpoint detection tools, cloud security platforms, application security testing, and more. Each of these systems generates findings with its own schema, priorities, and assumptions. The result?

Endpoint security compliance isn’t just about meeting regulatory requirements—it’s about building a robust security architecture that protects your organization from advanced threats. As more businesses adopt modern management frameworks for Windows devices, ensuring compliance while enhancing security is a critical challenge.

Picture this: it's 2021. You're an IT professional, scrolling through LinkedIn, when a message pings. "Bastion Secure," a new cybersecurity company, is hiring. The pay? Excellent. Remote work? Absolutely. A chance to tinker with cutting-edge tech? You bet. For dozens, this looked like the career lottery win. What they didn’t clock was that their new "employer" was the infamous cybercriminal syndicate, FIN7. This isn't just another tale of a clever job scam.

Your AI Agent just updated a vendor’s payment details in your Enterprise Resource Planning (ERP) system based on a seemingly harmless prompt. No data was exfiltrated. No access policy was violated. But now, a $250,000 payment is sitting in a fraudulent bank account. This is the new face of AI risk. As enterprises adopt AI Agents - either off the shelf or custom built, security teams are facing a fast-moving shift.