Using pentest findings to inform insurance risk assessments

Cyber insurance is now a routine part of organisational risk management, particularly for organisations with complex IT estates and growing digital exposure. As cyber incidents continue to drive operational disruption and financial loss, insurers are placing greater emphasis on understanding the true level of cyber risk they are underwriting through insurance risk assessments. For senior IT leaders, this often creates friction.

Attackers exploited OpenClaw's popularity

In this week's Intel Chat, Chris Luft and Matt Bromiley discuss how a malicious VS Code extension impersonated OpenClaw (formerly ClawdBot) to distribute remote access malware to developers. Matt breaks down a critical pattern: whenever there's a stampede toward new technology, threat actors will find a way to inject a malicious version of it. The episode also covers PeckBirdie (a JScript-based C2 framework), Shiny Hunters' massive phishing campaign, and a Russian cyberattack on Poland's power grid.

Advanced Web Shell Detection and Prevention: A Deep Dive into CrowdStrike's Linux Sensor Capabilities

Web shells remain one of the most potent weapons in an adversary’s arsenal, particularly when targeting Linux servers and containers. These malicious scripts serve as powerful remote access tools with capabilities such as process execution, filesystem access, and tunneling of network connections.

Redefining Data Security: From Insight to Action

Most organizations don't lack data security tools; they lack cohesion. Teams often layer DSPM solutions for discovery and classification on top of DLP tools for enforcement. On paper, this looks comprehensive. In practice, it creates friction. This is the platform problem: technology stitched together, not designed together. Solving it requires more than integrations; it requires a purpose-built platform that combines visibility, control, and action across all states of data.

Building continuous compliance with Aikido and Comp AI

Compliance evidence only works if it reflects the current state of the system. At Aikido, we’ve always treated compliance as a byproduct of good security, not a separate exercise teams need to prepare for. That’s why Aikido integrates with multiple compliance platforms. The goal is simple: let teams use the security data generated in Aikido wherever they run their compliance programs, without changing how they work or maintaining parallel processes.

Internet Exposure and Vulnerability Risk: Why Reachability Changes Everything

In this conversation, Ryan Cribelar, R&D Engineer at Nucleus Security, breaks down why internet exposure is one of the most important layers of context in vulnerability and exposure management. Security teams are flooded with vulnerability data, but not every finding carries the same level of risk. As Ryan explains, whether a vulnerability is reachable from the internet can dramatically change how urgent it really is. Internet exposure shortens the path from discovery to exploitation and often determines whether a vulnerability is theoretical or immediately actionable.

What's the Difference Between IAM and IGA?

Identity and Access Management (IAM) and Identity Governance and Administration (IGA) are typically mentioned together, but they serve different purposes in identity security. In this short video, learn the key differences between IAM and IGA, why organizations need both and how KeeperPAM extends identity security into privileged environments.

Attackers Can Use LLMs to Generate Phishing Pages in Real Time

Researchers at Palo Alto Networks’ Unit 42 warn of a proof-of-concept (PoC) attack technique in which threat actors could use AI tools to generate malicious JavaScript in real time on seemingly innocuous webpages. “Once loaded in the victim's browser, the initial webpage makes requests for client-side JavaScript to popular and trusted LLM clients (e.g., DeepSeek and Google Gemini, though the PoC could be effective across a number of models),” the researchers write.

What Are Insider Threats?

Cybersecurity isn’t only about defending against external attackers. Some of the most damaging risks come from within an organization. These are known as insider threats. An insider threat occurs when someone with authorized access—whether intentionally malicious or simply negligent—compromises systems, exposes data, or undermines security controls. This can result in data breaches, financial loss, regulatory issues, and long‑term reputational damage.