Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I got this Coinbase-related scam in my personal inbox last week. Coinbase is one of the world’s largest cryptocurrency exchange sites. So big and trusted, it’s the first cryptocurrency exchange to be added to the US S&P 500. I’ve been a Coinbase member from the beginning, so this email got my attention. I was pretty skeptical from the start, and upon further exploration, it was definitely a scam.

Commodity phishing kits are increasingly serving dynamically generated phishing pages, according to researchers at ESET. These kits allow unskilled threat actors to launch sophisticated attacks tailored to individual users. ESET describes one of these attacks, using a phishing email that informed the user of an unfamiliar sign-in to their account.

If it’s worth building, it’s worth securing. Vibe coding has been generating a lot of buzz. While automating and coding with AI isn’t new, vibe coding holds the promise of democratizing software development: simply describe what you want in natural language and let the LLM do the rest.

At this stage in AI's evolution, we’ve all heard the big promises - and overpromises - from vendors. But what about the people on the front lines of security operations? How are real practitioners feeling about using AI in their day-to-day work? In a recent webinar with guest speaker Allie Mellen, Principal Analyst at Forrester Research, we dug into how AI is actually being adopted in the SOC - what’s working, what’s not, and what's getting lost in the noise.

I’ve always had a love-hate relationship with traditional SOC. Many SOC teams do great work within this structure. But there are also serious issues with the three-tier model - it’s rigid, costly, and unsustainable for any company that isn’t a large enterprise. In the push to address these limitations, the concept of an “autonomous SOC” has emerged, with some vendors already claiming to offer fully autonomous solutions.

As 2025 unfolds, U.S. federal agencies are navigating significant operational shifts that are impacting their overarching cybersecurity strategies. Government security leaders have always emphasized stringent cybersecurity practices in the face of dynamic threats.

Trustwave has introduced MailMarshal Integrated Cloud. A new email security offering which is designed to deliver advanced, layered protection for organizations using Microsoft 365. MailMarshal Integrated Cloud is a cloud-native solution that provides a seamless, API-led security layer that enhances resilience against sophisticated email threats, making it even easier for organizations operating in a Microsoft 365 environment to create a layered defense.

Data protection is no longer just a best practice; it’s a mission-critical priority for every modern business. The ability to safeguard your data, meet compliance requirements, and restore operations quickly is what sets organizations apart in today’s digital-first world. That’s where 11:11 Systems steps in with its Advanced Backup solutions, designed to empower businesses with comprehensive, flexible, and easy-to-manage data protection tools.

When I started learning about cybersecurity, I thought it was only about firewalls and antivirus software. I didn’t know how fast things change and threats evolve. Whenever I felt like I had a handle on things, something new came in headlines: ransomware, phishing kits, zero-day attacks. It’s a lot. If you work in tech, you’ve probably felt that too. Even if cybersecurity isn’t your full-time job, it still touches everything. And keeping up with everything is not easy.