Author: Andy Stern
-
Booz Allen Announces General Availability of Vellox Reverser to Automate Malware Defense
The AI-powered product delivers expert-grade malware analysis and reverse engineering in minutes. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/booz-allen-announces-general-availability-vellox-reverser
-
CISA will shutter some missions to prioritize others
Tags: cisaThe agency has lost roughly one-third of its workforce since January 2025. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-cybersecurity-division-reorganization/812155/
-
Those ‘Summarize With AI’ Buttons May Lying to You
Microsoft uncovered AI recommendation poisoning in 31 companies across 14 industries, and turnkey tools make it trivially easy to pull off. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/summarize-ai-buttons-may-be-lying
-
Google finds state-sponsored hackers use AI at ‘all stages’ of attack cycle
The research underscores how AI tools have matured in their cyber offensive capabilities, even as it doesn’t reveal novel or paradigm shifting uses of the technology. First seen on cyberscoop.com Jump to article: cyberscoop.com/state-hackers-using-gemini-google-ai/
-
MSP Strategic Defense: Where Prevention Meets Compliance
<div cla Imagine a modern office building. Not everyone who works there can go everywhere. Employees can access the building entrance, their own floor, and the meeting rooms they need, but they can’t (and shouldn’t be able to) walk into the server room, access executive offices, or wander freely across every floor. This may seem…
-
New Windows LNK spoofing issues aren’t vulnerabilities
Today, at Wild West Hackin’ Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK shortcut files that allow attackers to deploy malicious payloads. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-new-windows-lnk-spoofing-issues-arent-vulnerabilities/
-
Roses Are Red, AI Is Wild: A Guide to AI Regulation
AI regulation doesn’t have to be romanticized or feared. Understand what matters in AI governance, compliance, and SaaS risk management. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/roses-are-red-ai-is-wild-a-guide-to-ai-regulation/
-
Who’s the bossware? Ransomware slingers like employee monitoring tools, too
As if snooping on your workers wasn’t bad enough First seen on theregister.com Jump to article: www.theregister.com/2026/02/12/ransomware_slingers_bossware/
-
Roses Are Red, AI Is Wild: A Guide to AI Regulation
AI regulation doesn’t have to be romanticized or feared. Understand what matters in AI governance, compliance, and SaaS risk management. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/roses-are-red-ai-is-wild-a-guide-to-ai-regulation/
-
Odido confirms massive breach; 6.2 Million customers impacted
Hackers accessed data from 6.2 million Odido accounts, exposing names, contacts, bank details, and ID numbers. Subsidiary Ben also warned customers. Hackers broke into Dutch telecom firm Odido and accessed data from 6.2 million accounts. The company confirmed the breach and said attackers took names, addresses, phone numbers, email addresses, bank account details, dates of…
-
NDSS 2025 PBP: Post-Training Backdoor Purification For Malware Classifiers
Session 12B: Malware Authors, Creators & Presenters: Dung Thuy Nguyen (Vanderbilt University), Ngoc N. Tran (Vanderbilt University), Taylor T. Johnson (Vanderbilt University), Kevin Leach (Vanderbilt University) PAPER PBP: Post-Training Backdoor Purification for Malware Classifiers In recent years, the rise of machine learning (ML) in cybersecurity has brought new challenges, including the increasing threat of backdoor…
-
Advanced Threat Detection Proactive Cyber Defense Capabilities
In today’s rapidly evolving threat landscape, organizations must maintain continuous visibility, strong detection mechanisms, and rapid response capabilities to defend against increasingly sophisticated cyber adversaries. Our Security Operations framework demonstrates proven effectiveness in identifying, analyzing, and mitigating high-risk network threats in real time. Below are two recent case studies that highlight our proactive detection, investigative…
-
The Agentic Virus: How AI Agents Become Self-Spreading Malware
In my previous post, I walked through how disconnected MCP servers and AI agents create a growing blind spot in enterprise identity. The problem: thousands of MCP deployments running with overly broad tokens, no authentication, and no connection to your identity fabric. The solution: federate everything through the Maverics AI Identity Gateway. That post assumed……
-
NDSS 2025 PBP: Post-Training Backdoor Purification For Malware Classifiers
Session 12B: Malware Authors, Creators & Presenters: Dung Thuy Nguyen (Vanderbilt University), Ngoc N. Tran (Vanderbilt University), Taylor T. Johnson (Vanderbilt University), Kevin Leach (Vanderbilt University) PAPER PBP: Post-Training Backdoor Purification for Malware Classifiers In recent years, the rise of machine learning (ML) in cybersecurity has brought new challenges, including the increasing threat of backdoor…
-
4 Tools That Help Students Focus
Educators recognize the dual reality of educational technology (EdTech): its potential to sharpen student focus and detract from it. Schools must proactively leverage technology’s advantages while mitigating its risks to student productivity. Read on as we unpack the evolving importance and challenge of supporting student focus. We also detail four categories of classroom focus tools,…
-
Proofpoint Expands AI Security Offerings With Acuvity Acquisition
Proofpoint announced Thursday that it has acquired a startup focused on AI security and governance, Acuvity. First seen on crn.com Jump to article: www.crn.com/news/security/2026/proofpoint-expands-ai-security-offerings-with-acuvity-acquisition
-
Neue Warn-App für Cybervorfälle gestartet
Die neue CYROS-App verknüpft Sicherheitswarnungen von Behörden und Fachquellen, um über Cybersicherheitsvorfälle zu informieren.Ransomware-Attacken, Phishing und digitale Sabotage: Vor dem Hintergrund der zunehmenden Cyberbedrohungslage hat das Frankfurter Cyberintelligence Institute (CII) ein digitales Warnsystem namens Cyber Risk”¯Observation”¯Service (CYROS) für Smartphones entwickelt.Die CYROS-App bündelt alle sicherheitsrelevanten Informationen aus behördlichen Warnmeldungen. Zu den Quellen zählen unter anderem das…
-
‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users
Tags: banking, breach, browser, chrome, control, credentials, credit-card, data, finance, google, infrastructure, malicious, marketplace, microsoft, office, password, phishingoutlook-one.vercel.app, hosted on the Vercel development platform, from which users download the software.”Microsoft reviews the manifest, signs it, and lists the add-in in their store. But the actual content the UI, the logic, everything the user interacts with is fetched live from the developer’s server every time the add-in opens,” said Koi Security’s researchers. By…
-
EU Privacy Watchdogs Pan Digital Omnibus
Critics Say Regulation Amendments Would Chip Away at Fundamental Rights. A slew of amendments to European tech regulations touted by the European Commission as necessary for boosting continental competitiveness is receiving pushback from privacy watchdogs unhappy with changes that could water down EU privacy laws. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/eu-privacy-watchdogs-pan-digital-omnibus-a-30744
-
Hand over the keys for Shannon’s shenanigans
In this week’s newsletter, Amy examines the rise of Shannon, an autonomous AI penetration testing tool, and what it means for security teams and risk management. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/hand-over-the-keys-for-shannons-shenanigans/
-
The Epstein Files Reveal Stunning Operational Security Fails
Plaintext Emails Trigger Police Probes Into Potential Leaks of State Secrets The volume of information contained in the Epstein Files, bizarre pictures they paint and our inability to know what they don’t document complicate attempts to understand what it all means. What is clear is the digital detritus that can be generated by just a…
-
Hacker linked to Epstein removed from Black Hat cyber conference website
Emails published by the Justice Department revealed cybersecurity veteran Vincenzo Iozzo emailed, and arranged to meet, Jeffrey Epstein multiple times between 2014 and 2018. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/12/hacker-linked-to-epstein-removed-from-black-hat-cyber-conference-website/
-
Hand over the keys for Shannon’s shenanigans
In this week’s newsletter, Amy examines the rise of Shannon, an autonomous AI penetration testing tool, and what it means for security teams and risk management. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/hand-over-the-keys-for-shannons-shenanigans/
-
IDC Market Note: Surging Demand for EU Data Sovereignty Drives New Cybersecurity-Cloud Partnership
<div cla Digital sovereignty is now a strategic imperative for many European organizations. According to a new IDC Market Note¹, “Sovereignty is not viewed just as a contractual consideration, but as an architectural one, and one of technical feasibility.” First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/idc-market-note-surging-demand-for-eu-data-sovereignty-drives-new-cybersecurity-cloud-partnership/
-
Romania’s oil pipeline operator Conpet confirms data stolen in attack
Romania’s national oil pipeline operator, Conpet S.A., confirmed that the Qilin ransomware gang stole company data in an attack last week. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/romanias-oil-pipeline-operator-conpet-confirms-data-stolen-in-attack/
-
IDC Market Note: Surging Demand for EU Data Sovereignty Drives New Cybersecurity-Cloud Partnership
<div cla Digital sovereignty is now a strategic imperative for many European organizations. According to a new IDC Market Note¹, “Sovereignty is not viewed just as a contractual consideration, but as an architectural one, and one of technical feasibility.” First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/idc-market-note-surging-demand-for-eu-data-sovereignty-drives-new-cybersecurity-cloud-partnership/
-
ApolloMD data breach impacts 626,540 people
A May 2025 cyberattack on ApolloMD exposed the personal data of over 626,000 patients linked to affiliated physicians and practices. ApolloMD is a US-based healthcare services company that partners with hospitals, health systems, and physician practices. It provides practice management, staffing, revenue cycle, and administrative support services. The company works with affiliated physicians across specialties…
-
Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices
Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks.The vulnerability, tracked as CVE-2026-20700 (CVSS score: N/A), has been described as a memory corruption issue in dyld, Apple’s Dynamic Link Editor. Successful exploitation of the vulnerability could…
-
Dutch mobile phone giant Odido announces data breach
In a statement about the incident, Odido CEO Søren Abildgaard said names, bank account numbers, addresses, mobile numbers, email addresses, account numbers and IDs were stolen. First seen on therecord.media Jump to article: therecord.media/dutch-telecom-giant-announces-data-breach
-
Check Point Acquires Three Startups For AI Security, MSP Expansion
Check Point Software Technologies announced Thursday that it has acquired three early-stage vendors in areas including AI security and MSP tooling. First seen on crn.com Jump to article: www.crn.com/news/security/2026/check-point-acquires-three-startups-for-ai-security-msp-expansion