DoD Cyber Clause Flowdown: What Suppliers Must Do

The Department of Defense DFARS Cybersecurity Clause, more commonly known as the DoD Cyber Clause (or just DFARS 7012), is the long-standing set of rules the DoD has put in place for all members of the DoD supply chain and defense industrial base. It has also spread beyond those boundaries through the use of DFARS 7012 clauses in contracts for other parts of the federal government.

Comprehensive Guide to Implementing Asset Monitoring Solutions

Are you seeking support to avoid unexpected asset malfunctions? Companies utilize asset monitoring solutions to maintain equipment operations without disruptions while protecting against costly downtime periods and extending the life of important infrastructure. Here's the good news... These solutions implement more easily than anticipated but yield substantial advantages. Our guide demonstrates all necessary steps to establish an efficient asset monitoring system for your business.

Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari

Today, SquareX released new threat research on an advanced Browser-in-the-Middle (BitM) attack targeting Safari users. As highlighted by Mandiant, adversaries have been increasingly using BitM attacks to steal credentials and gain unauthorized access to enterprise SaaS apps. BitM attacks work by using a remote browser to trick victims into interacting with an attacker-controlled browser via a pop-up window in the victim's browser.

Corelight Recognized as a Leader in the 2025 Gartner Magic Quadrant for Network Detection and Response

Network Detection and Response (NDR) has emerged as a must-have capability of modern security operations (SecOps). NDR provides deep visibility, detection of advanced threats that evade other security tools, and rapid response capabilities to address the SecOps challenges of incomplete visibility, detection gaps, high SIEM and storage costs, and tool sprawl that impact accuracy, speed, and efficiency.

Why Risk Management is Now a Strategic Imperative for IT Leaders-and How Network Digital Twins Can Help

In 2025, risk management has climbed near the top of the CIO agenda—second only to AI adoption, according to the 2025 State of the CIO report. As global enterprises become more dependent on digital infrastructure, the consequences of network outages, misconfigurations, or security breaches have grown exponentially. CIOs, CISOs, and their teams now face the dual challenge of managing risk while enabling innovation.

Preventing Supply Chain Cyberattacks: Lessons from the Marks & Spencer Breach

As more details of the April ransomware attack on UK retailer Marks and Spencer are made public, we are directly witnessing the cascading repercussions that organizations face when victimized by a well-thought-out and properly executed attack. In the specific case of M&S, the UK retailer is dealing with a supply chain attack, as M&S CEO Stewart Machin confirmed in a published report.

What Are OWASP Top 10 Threats & When Will the Top 10 Be Updated?

The OWASP Top 10 is a security research project that outlines the ten most critical security risks to web applications. Published by the Open Worldwide Application Security Project (OWASP), it serves as a widely recognized benchmark for web application security. The list is compiled from data gathered by security experts and organizations worldwide, based on the prevalence, detectability, and impact of various vulnerabilities.

Capital One Customers Targeted By Credential Harvesting Phishing Campaign

The KnowBe4 Threat Lab has identified an active phishing campaign impersonating Capital One. The attacks are sent from compromised email accounts to help them evade reputation-based detection by native security and secure email gateways (SEGs). Once delivered, the attacks use stylized HTML templates and brand impersonation to trick the recipient into believing the communications are legitimate. Recipients who fall victim are directed to credential-harvesting websites.

DNS Security: Today's Most Common DNS Risks and Threats

Domain Name System (DNS) is a critical Internet service. DNS simplifies the process of finding Internet resources by resolving user-friendly domain names, such as splunk.com, into machine-readable IP addresses like 192.168.1.1. Many sophisticated cyberattacks rely on DNS activities. Let’s review the risks DNS services face and what organizations can do to guard against DNS attacks. We’ll cover the following critical DNS security topics.