It was a cold and wet Thursday morning, sometime in early 2006. There I was sitting at the very top back row of an awe-inspiring lecture theatre inside Royal Holloway's Founder’s Building in Egham, Surrey (UK) while studying for my MSc in Information Security. Back then, the lecture in progress was from the software security module. The first rule of software security back then was never to trust user inputs.

Self-Sovereign Identity (SSI) is the latest privacy and security model that uses blockchain and cryptography to put you in control of your own identity. In this blog, we will dive into what SSI is all about, its core principles, real-life uses, and why it is set to transform how we manage identities in todays digital world.

As cyber threats get trickier—with ransomware attacks happening every 11 seconds, and each attack costing between $350,000 and $1.4 million on average—businesses want to beef up their defenses without spending too much. More companies are using Extended Detection and Response (XDR) to simplify their security work and cut costs. XDR provides an answer that can help businesses do more with less tackling common problems like too many tools complex security setups, and high running costs.

The FBI issued an advisory on December 3rd warning the public of how threat actors use generative AI to more quickly and efficiently create messaging to defraud their victims, echoing earlier warnings issued by Trustwave SpiderLabs. The FBI noted that publicly available tools assist criminals with content creation and can correct human errors that might otherwise serve as warning signs of fraud.

ByteCodeLLM is a new open-source tool that harnesses the power of Local Large Language Models (LLMs) to decompile Python executables. Furthermore, and importantly, it prioritizes data privacy by using a local LLM that you can run under any environment, like old laptops and VMs. ByteCodeLLM is the first decompile program that manages to decompile the latest versions of Python 3.13 locally.

Update: Dec 11, 2024. Find the latest information in our follow-up security bulletin. On December 7, 2024, Arctic Wolf began observing a novel campaign exploiting Cleo Managed File Transfer (MFT) products across several customer environments. Initial indications of malicious activity in this campaign were identified as early as October 19, with a sharp increase in early December.