%term

11:11 Compliance Updates: Building a Foundation of Trust

May 20, 2026 By Scott Gray In 11:11 Systems

Building an enterprise IT infrastructure without a robust compliance program is like constructing a skyscraper on a foundation of sand. It might look impressive from the outside, but the moment the environment shifts, the entire structure is at risk. Compliance is the bedrock that ensures your digital transformation initiatives remain secure, stable, and resilient as your organization scales. At 11:11 Systems, we understand that keeping your data safe is a complex challenge.

Read Post

11:11 Systems

Read more about 11:11 Compliance Updates: Building a Foundation of Trust

Your Employees Are Waiving Attorney-Client Privilege Without Knowing It

May 20, 2026 By Teramind In Teramind

The Musk vs. OpenAI trial has drawn a lot of attention over the past few weeks, but there’s a quieter legal development that matters more to most organizations. In February 2026, a federal judge in New York issued the first ruling in the country to directly answer whether conversations with a consumer AI tool can be protected by attorney-client privilege. The answer was no, and the reasoning behind it has implications that extend well beyond the courtroom where it was decided.

Read Post

Teramind

Read more about Your Employees Are Waiving Attorney-Client Privilege Without Knowing It

How to Eliminate Static Credentials from Trading Infrastructure

May 20, 2026 By Gus Luxton In Teleport

Tatu Ylonen, the inventor of the SSH protocol, has long warned that a single stolen SSH key "can in many cases lead to compromise of the entire server environment." But in the bare-metal and private cloud infrastructure of high-frequency or quantitative trading firms, privileged access to trading infrastructure often depends on shared or static credentials like SSH keys or hardcoded API tokens.

Read Post

Teleport

Read more about How to Eliminate Static Credentials from Trading Infrastructure

Cyber Risk Management: Expert Insights for Enterprise Leaders

May 20, 2026 By Kovrr In Kovrr

‍ Cyber risk has long outgrown its classification as a technical concern. For organizations serious about protecting enterprise value, managing cyber exposure requires financial grounding and the ability to communicate risk in terms that drive real decisions at the board and executive level. The distance between organizations that manage cyber risk strategically and those that report on it comes down to measurement approaches and the programs built around it. ‍

Read Post

Kovrr

Read more about Cyber Risk Management: Expert Insights for Enterprise Leaders

Deeper Deepfakes - Why You Can No Longer Trust What You See

May 20, 2026 By Razorwire Cybersecurity In Razorthorn

It took 10 minutes and a free online tool to deepfake Jim’s voice, with no expertise and no cost involved.

View Video

Razorthorn

Security

Read more about Deeper Deepfakes - Why You Can No Longer Trust What You See

GitHub internal repositories breached

May 20, 2026 By Sophos X-Ops In Sophos

A malicious VS Code extension led to cloned private repositories, reportedly offered for sale on a criminal forum On May 19-20, 2026, GitHub confirmed a security incident affecting its own internal systems. A threat actor self-identifying as TeamPCP, also tracked as UNC6780, compromised an employee’s developer device by way of a malicious Visual Studio Code extension and used that foothold to clone roughly 3,800 of GitHub’s internal repositories.

Read Post

Sophos

Read more about GitHub internal repositories breached

Confluence Backup Best Practices

May 20, 2026 By Miłosz Jesis In GitProtect

Confluence is where teams keep operational knowledge: runbooks, architecture decisions, postmortems, HR policies, product specs, onboarding docs, and internal knowledge bases. Atlassian’s status pages show that disruption is not theoretical: on April 8, 2026, Atlassian reported search failures impacting multiple products, and on April 13, 2026, some users were unable to log in across Atlassian products.

Read Post

GitProtect

Read more about Confluence Backup Best Practices

How AI Is Transforming Detection Engineering

May 20, 2026 By Joshua Riccio In Arctic Wolf

One of the most important shifts AI enables in detection engineering is changing where engineers spend their time. Traditionally, a significant portion of detection development effort is consumed by implementation details: writing complex SQL queries, building enrichment pipelines, handling edge cases, tuning rule logic, writing tests, documenting detections, and repeatedly iterating on detection logic. Those tasks are necessary, but they are also time-consuming.

Read Post

Arctic Wolf

Read more about How AI Is Transforming Detection Engineering

An inside look at finding Leaked CISA AWS GovCloud Admin Keys on Github

May 20, 2026 By GitGuardian In GitGuardian

In this interview, GitGuardian security researcher Guillaume Valadon breaks down how GitGuardian discovered a public GitHub repository exposing CISA-related secrets, including plain-text passwords, AWS tokens, SAML certificates, CI/CD files, Kubernetes manifests, and internal operational documentation. We discuss how the leak was identified, why exposed secrets can create immediate risk, and how GitGuardian helped escalate the disclosure until the repository was taken offline within 26 hours.

View Video

GitGuardian

Read more about An inside look at finding Leaked CISA AWS GovCloud Admin Keys on Github

Sophos Firewall and Synchronized Security

May 20, 2026 By Chris McCormack In Sophos

Sophos Firewall and Synchronized Security Synchronized Security is a unique capability you won’t get anywhere else. If you look at what’s required to properly secure a modern network, it breaks down into three pillars: hardening, protection, and detection and response. Or another way to look at it: being equal parts proactive and reactive - or what you need to do before, during, and after an attack.

Read Post