The organization puts on the prominent annual gathering of cybersecurity experts, vendors, and researchers that started in 1991 as a small cryptography event hosted by the corporate security giant RSA. RSAC is now a separate company with events and initiatives throughout the year, but its conference in San Francisco is still its flagship offering with tens of thousands of attendees each spring.
So much of the industry is based on experience and not education. You can learn all the lessons yourself, but it will take a lot longer. Learning from people who have seen enough things to have a strong intuition can help you be better and faster. In part, this is because the field is always changing. As bad actors constantly improve their techniques, the defenders must respond.
Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024. Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise. Specific offenders: Google Tag Manager (8% of violations), Shopify (5%), Facebook Pixel (4%).
For the past year, security researchers have been urging the global shipping industry to shore up their cyber defenses after a spate of cargo thefts were linked to hackers. The researchers say they have seen elaborate hacks targeting logistics companies to hijack and redirect large amounts of their customers' products into the hands of criminals, in what has become an alarming collusion between hackers and real-life organized crime gangs.
The Black Lotus Labs team at Lumen Technologies said it null-routed traffic to more than 550 command-and-control (C2) nodes associated with the AISURU/Kimwolf botnet since early October 2025. AISURU and its Android counterpart, Kimwolf, have emerged as some of the biggest botnets in recent times, capable of directing enslaved devices to participate in distributed denial-of-service (DDoS) attacks and relay malicious traffic for residential proxy services.
The new version combines lower costs with improved cybersecurity and offers up to 2 petabytes of storage in a 2U rack space. Companies are struggling with explosive data growth, increasing cyber threats, and limited budgets. Dell Technologies is responding to this with PowerStore 4.3, a platform that addresses storage challenges without compromising performance or security. The latest version brings innovations that double storage density and reduce energy costs.
January 13 marked another milestone for legacy systems, as support for the software - codenamed Longhorn Server - expired for customers that bought Microsoft Premium Assurance (PA). Extended support ended for Windows Server 2008 on January 14, 2020. It was possible to keep the lights on until January 10, 2023, via Extended Security Updates. A fourth year came courtesy of Azure, which took the code to January 9, 2024, but that was it for anyone without PA.
Silent Push said it discovered the campaign after analyzing a suspicious domain linked to a now-sanctioned bulletproof hosting provider Stark Industries (and its parent company PQ.Hosting), which has since rebranded to THE[.]Hosting, under the control of the Dutch entity WorkTitans B.V., as a sanctions evasion measure. The domain in question, cdn-cookie[.]com, has been found to host highly obfuscated JavaScript payloads (e.g., "recorder.js" or "tab-gtm.js") that are loaded by web shops to facilitate credit card skimming.
ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary actions as that user. The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0. "This issue [...] could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform," the company said in an advisory released Monday.
On Jan. 12, BleepingComputer reported that multiple repositories appeared on Gitea, apparently containing parts of internal code and developer documentation belonging to the major retailer Target. As of today, Jan. 13, multiple employees of the retailer have confirmed the leaked materials are authentic. As of current reports, the threat actor behind this incident is unknown. Likewise, it is unclear whether this exposure is due to a leakage, a breach or an insider's action.
Attackers place malicious QR codes in high-traffic areas, often disguised as legitimate promotional materials or utility services. Physical mail containing QR codes purporting to be from legitimate services is particularly effective for package delivery and financial service scams. While QR codes represent a small percentage, their unique evasion capabilities and growing adoption rates make them vectors with huge latent potential.
Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that's capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform. The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still available on the Chrome Web Store as of writing. It was first published on September 1, 2025, by a developer named "jorjortan142."
So-called 'dual-channel' attacks using multiple methods of communication either simultaneously or in sequence are becoming more prevalent as digital fraudsters seek out new ways to defeat cyber protections against business email compromise (BEC) scams, according to new data from security services supplier LevelBlue. BEC attacks - which spoof trusted entities, often C-suite executives, then use their identities to convince victims to transfer money into the attackers' pockets - have long been a bugbear for enterprise defenders.
Any industry that revolves around AI in some way has seen a boost in the stock market, and cybersecurity may be one of the most promising opportunities. As AI efforts expand, companies will have more data that they must safeguard from hackers. Cybersecurity stocks have been long-term winners thanks to their annual recurring revenue models and how valuable they are for companies. The value of cybersecurity firms should continue to rise as AI makes their services more essential.
But here's the truth: I don't recommend using it. Having a USB port on the router sounds convenient, but there are a few problems. The fact is that USB ports on routers aren't secure. Many of them operate on outdated protocols, creating vulnerabilities that can be exploited by bad actors. This doesn't mean the entire router is compromised, but the USB port can be a weak link. Using it is not a risk worth taking, especially when safer alternatives are available.
The National Institute of Standards and Technology (NIST) recently released NIST IR 8596, the Initial Preliminary Draft of the Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile). The document establishes a structured approach for managing cybersecurity risk related to AI systems and the use of AI in cyber defense, organised around three focus areas: Securing AI System Components (Secure), Conducting AI-Enabled Cyber Defense (Defend), and Thwarting AI-Enabled Cyber Attacks (Thwart).
Not all online casinos handle verification in the same way. Some operators apply full identity checks at registration, requiring documents before gameplay begins. Others allow players to register and play immediately, postponing verification until certain thresholds are met. This distinction is central to how modern casino platforms are structured. Many newer operators rely on payment-based identification, automated risk scoring, and transaction monitoring rather than immediate document uploads.
In the previous two articles, we discussed file and folder permissions, along with the special permissions that Linux supports. These permissions are effective for many scenarios. But what happens when you need more granularity? How do you grant write access to a file to just one specific user who isn't the owner and isn't in the owning group?
Following this decision, Verizon must follow a looser set of guidelines set by the CTIA wireless trade group, which says carriers should only unlock a customer's postpaid phone after their contract is up, when they finish paying off the device, or following the payment of an early termination fee. Meanwhile, the CTIA's code says carriers should unlock prepaid phones "no later than one year after initial activation."
Starting today, Microsoft is making it more difficult for cyber attackers to infiltrate organizations via Teams. A new update now blocks dangerous file types and malicious URLs, unless companies explicitly change the default settings. The new features were already known, but will activate automatically today for organizations that have not tampered with the default settings. Companies with customized configurations will not notice the change; their settings will remain intact.
The allegedly stolen user data was later posted to shinyhunte[.]rs, alongside a message from a self-described cyber outlaw calling himself "James," who appeared keen to make sure his handiwork didn't go unnoticed. Have I Been Pwned's listing of the incident shows that the breach occurred before law enforcement's October 2025 takedown of the BreachForums domain, and that the leak comprised roughly 324,000 unique email addresses, usernames, and Argon2-hashed passwords, pulled from public posts, private messages, and other forum records.
At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam centers across Southeast Asia, creating special economic zones that are devoted to fraudulent investment and impersonation operations. These compounds are host to thousands of people who are lured with the promise of high-paying jobs, only to have their passports confiscated and be forced to conduct scams under the threat of violence. INTERPOL has characterized these networks as human trafficking-fuelled fraud on an industrial scale.
Midway through a decade that is coming to be defined by the runaway acceleration of technological change, the threat of ransomware attacks seems to be dropping down the agenda in boardrooms around the world, with C-suite executives more concerned about growing risks arising from artificial intelligence (AI) vulnerabilities, cyber-enabled fraud and phishing attacks, disruption to supply chains, and exploitation of software vulnerabilities.
2026 will mark the inflection point where the global economy transitions from "AI-assisted" to "AI-native." We won't just adopt new tools, we'll build a new economic reality: The AI Economy. Autonomous AI agents, entities with the ability to reason, act and remember, will define this new era. We'll delegate key tasks to these agents, from triaging alerts in the security operations center (SOC) to building financial models for corporate strategy.
To all employees, this company takes data protection very seriously. It has a material impact on our operations. The CIO and IT Director are in charge of those policies. If one of them comes to your business unit and gives you an instruction, take it as seriously as you would instructions from any other C-level, including myself. As of this date, know this: If you disregard or otherwise violate any IT instruction, you better pray that they are wrong.
The Transportation Security Administration (TSA) will expand a touchless identification process for members of its TSA PreCheck program during airport screening to dozens of new airports this year. The TSA PreCheck Touchless ID line has been popping up at large airports across the country and is currently available at 20 different locations. But this year, the agency confirmed to Travel + Leisure it will expand the program to 45 new airports from Boston to San Diego and beyond.
As we move further into 2026, the "cloud-first" approach has become the global standard. However, this shift has also introduced a paradox: while the cloud makes scaling easier, it makes security more complex. For modern enterprises, staying ahead of sophisticated, AI-driven threats requires a dual-layered strategy. The most successful organizations today are winning by combining the operational excellence of cloud managed IT services with the proactive precision of a high-performance Vulnerability Scanner.