Author: Andy Stern
-
Ahead of the Curve: Hickman County School District’s Proactive Approach to Student Safety
How Cloud Monitor provides long-term value and consistent student protection in Google Workspace. In Centerville, Tennessee, Hickman County School District serves approximately 2,500 students across nine schools with a small but highly capable technology team. Leading that effort is Brad Gilbert, Director of Technology, a forward-thinking IT leader who has long recognized that student safety…
-
New Keenadu backdoor found in Android firmware, Google Play apps
A newly discovered and sophisticated Android malware called Keenadu has been found embedded in firmware from multiple device brands, enabling it to compromise all installed applications and gain unrestricted control over infected devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-keenadu-backdoor-found-in-android-firmware-google-play-apps/
-
Cybersecurity Excellence Awards Reveal Nomination Shift from AI Hype to Governance Execution
Washington DC, USA, 17th February 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/cybersecurity-excellence-awards-reveal-nomination-shift-from-ai-hype-to-governance-execution/
-
US lawyers fire up privacy class action accusing Lenovo of bulk data transfers to China
Keep behavioral tracking American? PC giant says the claim is ‘false’ First seen on theregister.com Jump to article: www.theregister.com/2026/02/17/lenovo_privacy_lawsuit/
-
AI in the Middle: Turning Web-Based AI Services into C2 Proxies The Future Of AI Driven Attacks
AI is rapidly becoming embedded in day-to-day enterprise workflows, inside browsers, collaboration suites, and developer tooling. As a result, AI service domains increasingly blend into normal corporate traffic, often allowed by default and rarely treated as sensitive egress. Threat actors are already capitalizing on this shift. Across the malware ecosystem, AI is…
-
Cybersecurity Excellence Awards Reveal Nomination Shift from AI Hype to Governance Execution
Washington DC, USA, 17th February 2026, CyberNewswire First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/cybersecurity-excellence-awards-reveal-nomination-shift-from-ai-hype-to-governance-execution/
-
Over-Privileged AI Drives 4.5 Times Higher Incident Rates
Tags: ai. Teleport study reveals that organizations running over-privileged AI have a 76% incident rate. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/overprivileged-ai-45-times-higher/
-
Russia Set to Block Telegram Access Nationwide from April 1
Russia is preparing to implement a nationwide block on Telegram starting April 1, 2026, according to reports from the Russian insider channel Baza. The move would make the messaging platform completely inaccessible without VPN technology, mirroring previous restrictions imposed on Instagram and Facebook in the country. Roskomnadzor, Russia’s telecommunications regulator, has neither confirmed nor denied…
-
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol (MCP) server associated with Oura Health to deliver an information stealer known as StealC. “The threat actors cloned a legitimate Oura MCP Server, a tool that connects AI assistants to Oura Ring health data and…
-
Polish cops nab 47-year-old man in Phobos ransomware raid
Police say seized kit contained logins, passwords, and server IP addresses First seen on theregister.com Jump to article: www.theregister.com/2026/02/17/poland_phobos_ransomware_arrest/
-
(g+) CISA warning: These vulnerabilities should be at the very top of the patch agenda
Actively exploited vulnerabilities: CISA lists SolarWinds Web Help Desk, Notepad++ WinGUp and an Apple dyld zero-day. What admins should do now, concretely. First seen on golem.de Jump to article: www.golem.de/news/cisa-warnung-diese-schwachstellen-sollten-ganz-hoch-auf-die-patch-agenda-2602-205457.html
-
Cybercriminals Exploit Atlassian Cloud to Launch Spam Campaigns Promoting Fraudulent Investments
Cybercriminals abused Atlassian Cloud’s trusted infrastructure to run a burst of highly automated spam campaigns that redirected victims to fraudulent investment schemes and online casinos, highlighting the growing risk of SaaS-powered email abuse. By riding on Atlassian Jira Cloud’s strong domain reputation and built-in email authentication, the attackers were able to bypass many traditional email…
-
Your view of the future of IT: Senior developers will become ever more important
Tags: ai. Between confidence, upheaval and an AI future: this is how our readers see IT in a few years. First seen on golem.de Jump to article: www.golem.de/news/euer-blick-in-die-zukunft-der-it-senior-developer-werden-immer-wichtiger-werden-2602-204197.html
-
Murena: Volla Tablet available with Google-free /e/OS
After Ubuntu Touch and Volla OS, the Android ROM /e/OS can now also be installed on the Volla Tablet without Google services. First seen on golem.de Jump to article: www.golem.de/news/murena-volla-tablet-mit-google-freiem-e-os-erhaeltlich-2602-205501.html
-
Dutch police arrest man who refused to delete confidential files shared by mistake
Tags: law. Dutch police have arrested a 40-year-old man who refused to delete confidential documents law enforcement accidentally sent to him. First seen on therecord.media Jump to article: therecord.media/netherlands-arrest-confidential-files-police
-
ESET survey: Almost every second PC still runs outdated Windows 10
Tags: windows. First seen on security-insider.de Jump to article: www.security-insider.de/veraltete-windows-10-nutzung-in-deutschen-haushalten-a-c481917bd661ea5645aa9695676f4f5d/
-
Update Chrome now: Zero-day bug allows code execution via malicious webpages
Google has released an emergency update to patch an actively exploited zero-day, the first Chrome zero-day of the year. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/update-chrome-now-zero-day-bug-allows-code-execution-via-malicious-webpages/
-
Pressure builds on Grok AI, Ireland launches investigation
The Irish Data Protection Commission (DPC) opened an investigation into X over concerns that its Grok AI chatbot was used to generate sexualized deepfakes. The investigation … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/17/ireland-grok-ai-chatbot-deepfakes-investigation/
-
Next Gen Spotlights: Trailblazing A Mindful, People-First Approach to Cyber QA with Cyber Innovations Ltd.
Cyber Innovations is a UK-based cyber company specialising in human-centred cyber resilience. Cyber Innovations have developed research-backed training, tools and frameworks designed to help organisations respond more effectively to cyber incidents, while reducing cognitive overload, limiting human error and minimising longer-term impacts on staff wellbeing. Cyber Innovations’ early work, particularly the development of CyGamBIT, was…
-
Poorly crafted phishing campaign leverages bogus security incident report
Attackers used a fake PDF incident report hosted on AWS to scare victims into enabling 2FA, through a poorly crafted phishing campaign. Freelance security consultant Xavier Mertens reported a phishing campaign using a fake PDF security incident report hosted on AWS to scare victims into enabling 2FA. The researcher pointed out that the campaign appears poorly…
-
Significant Rise in Ransomware Attacks Targeting Industrial Operations
Dragos annual report warns of a surge in ransomware attacks causing increased operational disruption in industrial environments First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/rise-in-ransomware-targeting/
-
Side-Channel Attacks Against LLMs
Tags: access, attack, chatgpt, credit-card, data, defense, exploit, LLM, monitoring, network, open-source, openai, phone, side-channel. Here are three papers describing different side-channel attacks against LLMs. “Remote Timing Attacks on Efficient Language Model Inference”: Abstract: Scaling up language models has significantly increased their capabilities. But larger models are slower models, and so there is now an extensive body of work (e.g., speculative sampling or parallel decoding) that improves the (average case)…
-
Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster
Cloud attacks move fast, faster than most incident response teams. In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived. A compromised instance can disappear in minutes. Identities rotate. Logs expire. Evidence can vanish before analysis even begins. Cloud forensics is fundamentally First…
-
Firmware-level Android backdoor found on tablets from multiple manufacturers
A new Android backdoor embedded directly in device firmware can quietly take control of apps and harvest data, Kaspersky researchers found. The malware, named Keenadu, was … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/17/firmware-level-android-backdoor-keenadu-tablets/
-
When DORA Goes From Afterthought to Commercial Imperative
If you had asked me in 2024 how seriously firms were taking DORA, my honest answer would have been that only around the top 20 per cent of impacted organisations were truly focused on it. These were typically the more risk averse, forward thinking businesses that tend to move early on regulatory change. Even then,…
-
My Day Getting My Hands Dirty with an NDR System
My objective: As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience…

