Tag: jobs
-
European police email 75,000 people asking them to stop DDoS attacks
Europol coordinated an operation against for-hire distributed denial-of-service (DDoS) services, including the arrest of four people and the takedown of 53 domains. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/16/european-police-email-75000-people-asking-them-to-stop-ddos-attacks/
-
Cybersecurity Risks of Hiring a Virtual Assistant and How to Protect Your Business
Virtual assistants boost productivity but add cybersecurity risks. Poor access control, weak devices, and credential sharing can expose sensitive business data. First seen on hackread.com Jump to article: hackread.com/cybersecurity-risks-hiring-virtual-assistant-business/
-
How the enterprise supply chain has created a global attack surface
For years, organisations have treated cyber security as something that happens within their own walls. Protect the network, secure the endpoints, monitor the environment. Job done. Security was architected like a moat and castle, but today the model is no longer effective. Today, the real exposure sits outside the organisation. It sits in third parties,…
-
How the enterprise supply chain has created a global attack surface
For years, organisations have treated cyber security as something that happens within their own walls. Protect the network, secure the endpoints, monitor the environment. Job done. Security was architected like a moat and castle, but today the model is no longer effective. Today, the real exposure sits outside the organisation. It sits in third parties,…
-
North Korea Uses ClickFix to Target macOS Users’ Data
Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials and sensitive data from Macs. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/north-korea-clickfix-target-macos-users-data
-
Insurance carriers quietly back away from covering AI outputs
Coverage in flux: Phil Karecki, CTO for the insurance sector at managed services provider Ensono, also sees some carriers backing away from covering AI outputs, although he’s not sure whether it’s a major trend. Insurance carriers continuously experiment with how to provide coverage, he notes.Carriers have tried to separate tightly governed AI deployments from more…
-
The endless CISO reporting line debate, and what it says about cybersecurity leadership
Tags: access, business, ceo, cio, ciso, cloud, control, corporate, cyber, cybersecurity, firewall, governance, infrastructure, jobs, monitoring, network, resilience, risk, strategy, technology, vulnerabilityThe governance gap behind the debate: The persistence of this debate reflects a broader governance gap.Historically, information security emerged as a technical discipline embedded within IT departments. Early security teams focused primarily on protecting infrastructure: Firewalls, access controls, network monitoring and vulnerability management. In that environment, it was natural for the security function to sit…
-
Curity looks to reinvent IAM with runtime authorization for AI agents
Multiple approaches to agent security: Today, agent security falls into one of several camps, which include increasingly inadequate inline approaches such as API gateways and web application firewalls (WAFs), and out-of-band analysis systems that infer intent by analyzing agent behavior against a baseline.Curity’s Access Intelligence, by contrast, is a self-hosted microservice that acts as a…
-
Curity looks to reinvent IAM with runtime authorization for AI agents
Multiple approaches to agent security: Today, agent security falls into one of several camps, which include increasingly inadequate inline approaches such as API gateways and web application firewalls (WAFs), and out-of-band analysis systems that infer intent by analyzing agent behavior against a baseline.Curity’s Access Intelligence, by contrast, is a self-hosted microservice that acts as a…
-
CISA cancels summer internships for cyber scholarship students amid DHS funding lapse
The move adds to mounting pressure on a scholarship program already strained by hiring freezes, proposed budget cuts and a growing backlog of unplaced graduates. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-cancels-cybercorps-internships-dhs-funding-crisis/
-
CISOs Urged to Innovate with Talent Retention as Job Satisfaction Declines
A new IANS report claims just 34% of cybersecurity professionals plan to stay put in the next 12 months First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisos-innovate-talent-retention/
-
Secretary Mullin must help finish the job: Urge the Senate to confirm Plankey
With global cyber threats escalating and budget cuts looming, CISA needs a Senate-confirmed director. It’s time to confirm Sean Plankey. First seen on cyberscoop.com Jump to article: cyberscoop.com/national-security-ntsc-op-ed-sean-plankey-cisa-confirmed-director/
-
How AI is transforming threat detection
Tags: ai, attack, automation, best-practice, business, ceo, cisa, cve, cyber, data, detection, email, endpoint, framework, google, governance, group, incident response, intelligence, international, jobs, kev, malware, network, nist, organized, phishing, risk, skills, soc, switch, technology, threat, toolReducing alert fatigue: In alert triage, AI agents are reducing alert fatigue by clustering alert patterns and enabling risk-based prioritization, adds Dipto Chakravarty, chief product and technology officer at Black Duck.For example, natural language processing agents can summarize threat alerts at scale and correlate them with threat intel feeds such as CVE.org and the CISA KEV Catalog,…
-
The AI inflection point: What security leaders must do now
The questions have matured: The AI discussion in security has evolved in phases.First came skepticism from security leaders, asking whether AI actually works in security operations. Given years of overpromised technology, the caution was warranted.Experimentation followed, with questions centering on what types of work AI should handle and where it introduces risk.Now, the dominant questions…
-
The AI inflection point: What security leaders must do now
The questions have matured: The AI discussion in security has evolved in phases.First came skepticism from security leaders, asking whether AI actually works in security operations. Given years of overpromised technology, the caution was warranted.Experimentation followed, with questions centering on what types of work AI should handle and where it introduces risk.Now, the dominant questions…
-
Alleged German DDoSHire Kingpin Behind Fluxstress Caught in Thailand
Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries. First seen on hackread.com Jump to article: hackread.com/german-ddos-for-hire-kingpin-fluxstress-thailand/
-
Alleged German DDoSHire Kingpin Behind Fluxstress Caught in Thailand
Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries. First seen on hackread.com Jump to article: hackread.com/german-ddos-for-hire-kingpin-fluxstress-thailand/
-
Red Hat RHELocates its Chinese engineering team to India
Hundreds of layoffs, but this smells of geopolitics, not downsizing First seen on theregister.com Jump to article: www.theregister.com/2026/04/10/red_hat_ends_china_engineering/
-
TDL 019 – The Psychology Behind a Cyber Breach and the Leaders Who Survive It – Nim Nadarajah
Tags: access, ai, apple, automation, breach, business, cctv, ceo, cio, ciso, cloud, computing, conference, control, corporate, crowdstrike, cve, cyber, cyberattack, cybersecurity, data, dns, edr, email, finance, firewall, governance, group, healthcare, incident, incident response, infrastructure, injection, insurance, Internet, jobs, law, LLM, metric, microsoft, msp, network, office, powershell, privacy, programming, psychology, risk, saas, service, siem, soar, soc, software, startup, strategy, supply-chain, switch, technology, threat, tool, training, usa, vulnerability, windows, zero-trustLeading Through the Cyber Abyss In Episode 019 of The Defender’s Log, host David Redekop sits down with Nim Nadarajah, CISO and Managing Partner of Critical Matrix, to explore the evolving landscape of cybersecurity leadership. From the “annual pilgrimage” of RSAC 2026 to the front lines of incident response, the conversation shifts from technical bits…
-
TDL 019 – The Psychology Behind a Cyber Breach and the Leaders Who Survive It – Nim Nadarajah
Tags: access, ai, apple, automation, breach, business, cctv, ceo, cio, ciso, cloud, computing, conference, control, corporate, crowdstrike, cve, cyber, cyberattack, cybersecurity, data, dns, edr, email, finance, firewall, governance, group, healthcare, incident, incident response, infrastructure, injection, insurance, Internet, jobs, law, LLM, metric, microsoft, msp, network, office, powershell, privacy, programming, psychology, risk, saas, service, siem, soar, soc, software, startup, strategy, supply-chain, switch, technology, threat, tool, training, usa, vulnerability, windows, zero-trustLeading Through the Cyber Abyss In Episode 019 of The Defender’s Log, host David Redekop sits down with Nim Nadarajah, CISO and Managing Partner of Critical Matrix, to explore the evolving landscape of cybersecurity leadership. From the “annual pilgrimage” of RSAC 2026 to the front lines of incident response, the conversation shifts from technical bits…
-
Neuer Job als Release Manager:in gesucht? Schau dir unsere Top Jobs an
Tags: jobsFirst seen on t3n.de Jump to article: t3n.de/news/unsere-jobs-der-woche-1175973/
-
Black Duck Names Dom Glavach as CISO to Bolster Supply Chain and AI Security Push
Application security firm Black Duck has appointed Dom Glavach as its new Chief Information Security Officer, bringing in a seasoned executive with more than two decades of experience spanning enterprise security, national defence, and SaaS environments. The hire comes at a turbulent time for software security. Dependency abuse, credential misuse, and compromised build pipelines have…
-
Masjesu botnet targets IoT devices while evading high-profile networks
Masjesu is a stealthy DDoS-for-hire botnet targeting IoT devices, active since 2023 and designed to stay hidden by avoiding high-profile networks. Masjesu is a stealthy botnet active since 2023, advertised as a DDoS-for-hire service. It targets IoT devices like routers and gateways, spanning multiple architectures. Designed for persistence, it executes carefully, avoiding high-profile IP ranges…
-
Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa (MENA), according to findings from Access Now, Lookout, and SMEX.Two of the targets included prominent Egyptian journalists and government critics, Mostafa First seen on thehackernews.com…
-
Middle East HackHire Operation Traced to South Asian Cyber Espionage Group
A spear-phishing campaign which spread across the Middle East between 2023 and 2024 has now been linked to Bitter APT group First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/middle-east-hack-operation-bitter/
-
Questions raised about how LinkedIn uses the petabytes of data it collects
CSOonline. “We do disclose that we scan for browser extensions in our privacy policy, in order to detect abuse and provide defense for site stability.” When asked whether it uses that data solely to do those things, LinkedIn did not reply. The key person behind the allegations calls himself Steven Morrell (not his legal name, which…
-
Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
LinkedIn has been secretly scanning your browser for over 6,000 installed extensions, on every single click you make. It can tell if you’re job hunting, what religion you are, and whether you have ADHD. And none of this is mentioned anywhere in their privacy policy. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-462/
-
Hackhire group caught targeting Android devices and iCloud backups
Security researchers exposed a spying campaign by a hack-for-hire group that used Android spyware and phishing to steal iCloud credentials and hack victims’ devices. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/08/hack-for-hire-group-caught-targeting-android-devices-and-icloud-backups/