Rethinking Security Resilience And Getting Back To Basics At CornCon 11
CornCon 11 emphasized security basics, real-world risk alignment, and sustainable practices to help teams build resilient programs in today’s complex threat landscape.
Critical Intelligence Alert: ED 26-01 - Action Required
On October 15, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive ED 26-01, ordering federal agencies to mitigate a significant security breach involving F5 BIG-IP products. F5 disclosed that nation-state threat actors maintained long-term unauthorized access to internal systems, exfiltrating: This breach represents a major risk to organizations running F5 devices, especially those with exposed management interfaces or unpatched systems.
Phishing-Resistant MFA Explained: Why Your Business Needs It
Phishing attacks are growing more advanced, putting businesses at risk. To stay secure, organizations must move beyond traditional MFA and adopt phishing-resistant MFA.
CSAM 2025
Strong passwords are critical to staying safe online. Use a password manager to take the strain and ease the pain of thinking them up. Avast Secure Browser has one built-in.
How to Ensure Data Privacy with AI: A Step-by-Step Guide
AI sits in everyday workflows: assistants answering customer questions, copilots helping developers, and RAG apps searching internal knowledge. That means personal and sensitive data flows through prompts, vector stores, and integrations you didn’t have a year ago. Privacy can’t be an end-of-quarter compliance push anymore. It needs to live in your pipelines and apps the way logging and monitoring do.
Why Security Can Be Stricter: A Zero Trust Approach to AppSec with AI | Mend.io
Is AI making application security easier or harder? We spoke to Amit Chita, Field CTO at Mend.io, the rise of AI agents in the Software Development Lifecycle (SDLC) presents a unique opportunity for security teams to be stricter than ever before. As developers increasingly use AI agents and integrate LLMs into applications, the attack surface is evolving in ways traditional security can't handle. The only way forward is a Zero Trust approach to your own AI models. Join Ashish Rajan and Amit Chita as they discuss the new threats introduced by AI and how to build a resilient security program for this new era.
A Brief History of Ransomware
Ransomware is not new, but the ransomware of today is very different from the ransomware of 1989. Today’s episode doubles as a history lesson, as Adam and Cristian look back at how a prolific global threat has evolved over the decades.
Active Exploits Target Oracle EBusiness Suite (CVE202561882)
A critical zero‑day (CVSS 9.8) in Oracle E‑Business Suite (EBS) versions 12.2.3 – 12.2.14 (CVE‑2025‑61882) allows unauthenticated remote code execution (RCE) via the BI Publisher Integration in the Concurrent Processing module, actively exploited in the wild by Cl0p and other threat actors.
From Sibos to Seoul: The World Goes Back to School on Stablecoins
Does anyone even still remember August? A busy back-to-school September reconnected us through digital asset events and major policy announcements.
Zero Trust in DevSecOps Pipelines: Securing CI/CD Pipelines
Your CI/CD pipeline may also be the rocket that propels your business, but it can also be the silent killer that will blow up all that you have created. Think about it. You have automated code builds, testing, and deployments. Your people are driving features at light speed. Customers are happy. Revenue is growing. But beneath the surface? A single crack will cause the entire system.