Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Most security teams find out about a critical vulnerability after it's been added to CISA's Known Exploited Vulnerabilities (KEV) catalog. By then, the clock is already running. In Episode 3 of SecurityScorecard's Demo Tuesday series, see how TITAN AI Agents automate KEV remediation workflows — so your team spends less time triaging and more time closing exposures. Watch to learn how to: Instantly identify which vendors in your ecosystem are exposed to KEV-listed vulnerabilities.

Observability is not the problem anymore. The data that tells you a change will break something usually already exists. Most teams have the events, the logs, the configuration history. What is missing is the step that turns all of it into a clear yes or no on a specific change, while there is still time to pull it. Garrett Hamilton, CEO of Reach Security, on objective data and the changes that get made before anyone checks.

All North Korean IT worker schemes hinge on one thing: a willing participant in America. We found one, and knocked on her door. Experts have dubbed some of these Americans “laptop farmers.” The North Koreans call them “facilitators” – people willing to host multiple laptops in their home and happy to not ask too many questions. But identifying these people can be hard: unless you have access to a private Discord channel where North Korean IT workers talk freely among themselves.

This week on the podcast, we unpack the Claude Fable 5 release and subsequent revocation following an export control directive from the US federal government. After that, we cover the recent FortiBleed credential dump, discussing its likely origins, before reviewing the most recent Windows 0day disclosed by Nightmare Eclipse.

Gary Perkins, CISO at CISO Global explains what containment means related to incident response.

In this episode, host Richard Bejtlich and guest Ricky Lin explore the practical—and often personal—side of network defense: monitoring the home network. Ricky shares how he uses Corelight and Zeek to track everything from his children's YouTube habits to the constant chatter of IoT devices like Tesla vehicles and smart appliances. They delve into the "tinted windows" analogy to explain why visibility into encrypted traffic is still possible through network metadata, even when the contents are hidden.

A bug in Meta's AI-powered account recovery tool compromised 20,000 Instagram accounts. In this week's Intel Chat, Chris and Matt discuss how the flaw allowed attackers to bypass email verification. Meta patched the tool after discovering the abuse on May 31st. Matt's takeaway: tools given broad API access become attractive targets. Meta should have caught this in basic testing, yet it took an adversary to expose the weakness.

Fireblocks Co-founder and CEO Michael Shaulov joins NYSE Live at Money20/20 Europe to explain why the GENIUS Act unleashed stablecoin adoption, and what it means for banks, card networks, and the future of money movement.

Falcon Cloud Security correlates cloud exposures into prioritized attack paths and enriches them with CrowdStrike adversary intelligence, helping teams focus on the risks most likely to be exploited across AWS, Azure, and Google Cloud. Subscribe and stay updated!

This week’s briefing covers: Dive deeper.