%term

5 AI Mandates from Your Board: A Boardroom Mandate for AI-Driven Efficiency

Sep 10, 2025 By Beth Dannemiller In Securonix

In 2025, AI in cybersecurity is no longer optional—it’s a board-level expectation. CISOs aren’t being asked if they’re using AI; they’re being asked to show measurable outcomes: faster response, reduced noise, greater visibility, and ROI the board can trust. Security operations have become a boardroom priority.

Read Post

Securonix

Read more about 5 AI Mandates from Your Board: A Boardroom Mandate for AI-Driven Efficiency

BlueTeamCon 2025: Finding new approaches to security that don't let perfect stand in the way of better

Sep 10, 2025 By Dwayne McDaniel In GitGuardian

BlueTeamCon 2025 showed why progress beats perfection in cybersecurity. Explore highlights on visibility, AI safety, collaboration, identity, and pragmatic defense.

Read Post

GitGuardian

Read more about BlueTeamCon 2025: Finding new approaches to security that don't let perfect stand in the way of better

When Secure Isn't Safe Uncovering OWASP Top 10 Business Logic Abuse

Sep 10, 2025 By Wallarm In Wallarm

The OWASP Top 10 for Business Logic Abuse reveals the most critical ways attackers exploit the design of your applications, not just their code. Business logic abuse isn’t about SQL injection or XSS, it's about bypassing the rules, manipulating workflows, and triggering unintended behaviors in ways your functional tests never anticipated. Why this Matters? Attackers are shifting from exploiting code flaws to abusing the intended functionality of your applications.These logic-level threats are particularly dangerous because they.

View Video

Wallarm

Read more about When Secure Isn't Safe Uncovering OWASP Top 10 Business Logic Abuse

Times are Changing. How to Future-Proof Your Cybersecurity Career.

Sep 10, 2025 By Anthony Israel-Davis In Tripwire

Since the floodgates opened in November 2022 (at the arrival of ChatGPT), there has been one question on everyone’s mind: Is AI going to take my job? While the answers range from yes to no to maybe, there are ways to ride the AI wave without being subsumed by it. The way skilled professionals will do that, especially within cybersecurity, all depends on how well they know the industry—and how well they understand the value of their place in it.

Read Post

Tripwire

Read more about Times are Changing. How to Future-Proof Your Cybersecurity Career.

How To Build a HIPAA-Compliant Backup & Disaster Recovery Strategy

Sep 10, 2025 By Angela Beklemysheva In GitProtect

Backup solutions are key to security and data protection. For healthcare organizations, a reliable backup strategy not only enables rapid recovery after a disaster but also ensures operational resilience and helps maintain compliance with strict regulatory requirements like the Health Insurance Portability and Accountability Act (HIPAA).

Read Post

GitProtect

Read more about How To Build a HIPAA-Compliant Backup & Disaster Recovery Strategy

What Is an Endpoint?

Sep 10, 2025 By Keeper Security In Keeper

What exactly is an endpoint, and why does it matter? Watch this short video to learn what counts as an endpoint, the most common types and why protecting them is important for your personal and business data.

View Video

Keeper

Read more about What Is an Endpoint?

The Great NPM Heist - September 2025

Sep 10, 2025 By Adi Bleih In Cyberint

On September 8, 2025, the JavaScript ecosystem experienced what is now considered the largest supply chain attack in npm history. A sophisticated phishing campaign led to the compromise of a trusted maintainer’s account, resulting in the injection of cryptocurrency-stealing malware into 18+ foundational npm packages. These packages collectively accounted for over 2 billion weekly downloads, affecting millions of applications globally—from personal projects to enterprise-grade systems.

Read Post

Cyberint

Read more about The Great NPM Heist - September 2025

The Invisible Trick: How to Fool an AI Agent

Sep 10, 2025 By A10 Networks In A10 Networks

The Invisible Trick: How to Fool an AI Agent A10 Networks' security experts, Jamison Utter, Madhav Aggarwal, and Diptanshu Purwar, discuss a classic example of an adversarial attack that tricks an AI agent using the equivalent of invisible watermarks. Madhav explains how researchers used an invisible watermark in a research paper that, when scanned by an AI agent, would automatically trigger a positive review. This watermark was not visible to human reviewers. This clever manipulation highlights a significant vulnerability in AI models: they can be influenced by hidden data in their input.

View Video

A10 Networks

AI
Security

Read more about The Invisible Trick: How to Fool an AI Agent

EP 15 - Why banks need to treat machine identities like VIPs

Sep 10, 2025 By CyberArk In CyberArk

In this episode of Security Matters, host David Puner speaks with Andy Parsons, CyberArk’s Director of EMEA Financial Services and Insurance, whose career spans from the British Army to CISO and CTO roles in global financial institutions. Andy shares hard-earned lessons on leadership, risk management, and the evolving cybersecurity landscape in banking—from insider threats to machine identity governance and the rise of agentic AI.

View Video

CyberArk

Read more about EP 15 - Why banks need to treat machine identities like VIPs

"Yep, I got pwned. Sorry everyone, very embarrassing."

Sep 10, 2025 By Martin Kraemer In KnowBe4

In essence, that is the disclosure and notification message that the open-source developer "qix" sent to the world when he was social engineered to give up access credentials to his GitHub account. Using his account, the attackers inserted malware in a series of popular NPM packages to direct cryptocurrency payments to their own wallets.

Read Post