Tag: technology
-
Beyond CVSS: OT Security Looks for Its Risk Methodology
Individual Vulnerability Severity Not Always a Good Measure of Risk Exposure. A mainstay of IT security programs across the world, the Common Vulnerability Scoring System, may have terminal flaws when applied to the mirror universe of operational technology – a place where ordinary assumptions about risk don’t apply. First seen on govinfosecurity.com Jump to article:…
-
Stryker attack wiped tens of thousands of devices, no malware needed
Last week’s cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/stryker-attack-wiped-tens-of-thousands-of-devices-no-malware-needed/
-
16th March Threat Intelligence Report
United States-based medical technology company Stryker has suffered a cyberattack that caused a global disruption to its environment. The company said its surgical robotics, clinical communications platform, and life support monitors are […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/16th-march-threat-intelligence-report/
-
Justin Fulcher on AI’s Role in Modernizing Government Operations
Government systems weren’t built for the digital age. Many federal agencies still operate on infrastructure designed decades ago, creating bottlenecks that slow decision-making, strain resources, and frustrate both employees and citizens. Artificial intelligence offers a potential pathway forward, but only if deployed with precision and institutional awareness. Justin Fulcher, a technology founder and former government…
-
What it takes to win that CSO role
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, control, cybersecurity, data, defense, finance, flaw, framework, google, identity, insurance, jobs, monitoring, network, resilience, risk, skills, startup, strategy, technology, threatGovern the explosion of shadow AI and establish guardrails for generative AI before it creates material data leakage.Move beyond prevention and operate as a business enabler, proving the organization can maintain a minimum viable business during a sustained outage.Address compliance burdens, such as SEC disclosure rules or the EU AI Act, not as a checklist,…
-
What it takes to win that CSO role
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, control, cybersecurity, data, defense, finance, flaw, framework, google, identity, insurance, jobs, monitoring, network, resilience, risk, skills, startup, strategy, technology, threatGovern the explosion of shadow AI and establish guardrails for generative AI before it creates material data leakage.Move beyond prevention and operate as a business enabler, proving the organization can maintain a minimum viable business during a sustained outage.Address compliance burdens, such as SEC disclosure rules or the EU AI Act, not as a checklist,…
-
OT Security: The New Attack Surface of AI-Powered Robots
AI-powered humanoid robots are introducing a new cyber-physical attack surface that blends operational technology with enterprise IT. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/artificial-intelligence/ot-security-the-new-attack-surface-of-ai-powered-robots/
-
Iran-Linked Hacktivists Claim Destructive Cyberattack on Medtech Firm Stryker
A hacktivist group with alleged links to Iran’s intelligence agencies has claimed responsibility for a destructive cyberattack against Stryker, the Michigan-based global medical technology company, in an incident that reportedly disrupted operations across the company’s international network. News reports from Ireland, Stryker’s largest hub outside the United States, said the company sent more than 5,000…
-
Understanding SOC 2 Controls for SaaS Providers
For SaaS providers, trust is a core part of the offering. Customers rely on software platforms to process data, support business operations, and integrate with wider technology ecosystems. As a result, demonstrating effective security and governance controls using frameworks like SOC 2 has become an increasingly important requirement when selling to enterprise customers. SOC 2″¦…
-
The Cyber Express Weekly Roundup: Global Cyberattacks, Espionage, Malware, and Critical Security Updates
This week’s The Cyber Express weekly roundup highlights major cybersecurity developments affecting organizations, governments, and individuals worldwide. Key stories include destructive cyberattacks, such as system-wide wipes and targeted breaches, as well as state-backed cyber espionage targeting technology and research sectors. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/the-cyber-express-weekly-roundup-march/
-
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
vpn-fortinet[.]com and ivanti-vpn[.]org, hosting malicious ZIP files on GitHub, the advisory said.The malware itself arrives as a ZIP file containing a Windows Installer package. When a user launches the downloaded installer, it drops a fake Pulse Secure application into a directory that closely mimics a legitimate Pulse Secure installation path, Microsoft said.”This installation path blends…
-
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
vpn-fortinet[.]com and ivanti-vpn[.]org, hosting malicious ZIP files on GitHub, the advisory said.The malware itself arrives as a ZIP file containing a Windows Installer package. When a user launches the downloaded installer, it drops a fake Pulse Secure application into a directory that closely mimics a legitimate Pulse Secure installation path, Microsoft said.”This installation path blends…
-
Hybrid resilience: Designing incident response across on-prem, cloud and SaaS without losing your mind
Tags: access, authentication, business, cloud, communications, data, data-breach, group, identity, incident response, metric, mitigation, network, radius, resilience, saas, service, strategy, technology, updateSeverity is driven by customer impact, not by who is pagedWe maintain one current hypothesis, even if it is wrongWe keep one shared timeline that captures decisions, not just symptomsWe communicate on a predictable cadence, even when answers are incompleteEvery action has a named owner and an explicit “time we expect to learn”The biggest behavior…
-
Hybrid resilience: Designing incident response across on-prem, cloud and SaaS without losing your mind
Tags: access, authentication, business, cloud, communications, data, data-breach, group, identity, incident response, metric, mitigation, network, radius, resilience, saas, service, strategy, technology, updateSeverity is driven by customer impact, not by who is pagedWe maintain one current hypothesis, even if it is wrongWe keep one shared timeline that captures decisions, not just symptomsWe communicate on a predictable cadence, even when answers are incompleteEvery action has a named owner and an explicit “time we expect to learn”The biggest behavior…
-
The cyber perimeter was never dead. We just abandoned it.
Tags: access, advisory, authentication, awareness, backup, cisa, ciso, cloud, control, cyber, cybersecurity, data-breach, email, exploit, firewall, flaw, governance, government, Hardware, identity, infrastructure, Internet, resilience, risk, router, rust, service, software, strategy, technology, update, zero-trustIndustry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it.The FBI’s Winter SHIELD effort is the operational side of the…
-
The cyber perimeter was never dead. We just abandoned it.
Tags: access, advisory, authentication, awareness, backup, cisa, ciso, cloud, control, cyber, cybersecurity, data-breach, email, exploit, firewall, flaw, governance, government, Hardware, identity, infrastructure, Internet, resilience, risk, router, rust, service, software, strategy, technology, update, zero-trustIndustry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it.The FBI’s Winter SHIELD effort is the operational side of the…
-
The cyber perimeter was never dead. We just abandoned it.
Tags: access, advisory, authentication, awareness, backup, cisa, ciso, cloud, control, cyber, cybersecurity, data-breach, email, exploit, firewall, flaw, governance, government, Hardware, identity, infrastructure, Internet, resilience, risk, router, rust, service, software, strategy, technology, update, zero-trustIndustry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it.The FBI’s Winter SHIELD effort is the operational side of the…
-
The cyber perimeter was never dead. We just abandoned it.
Tags: access, advisory, authentication, awareness, backup, cisa, ciso, cloud, control, cyber, cybersecurity, data-breach, email, exploit, firewall, flaw, governance, government, Hardware, identity, infrastructure, Internet, resilience, risk, router, rust, service, software, strategy, technology, update, zero-trustIndustry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it.The FBI’s Winter SHIELD effort is the operational side of the…
-
The cyber perimeter was never dead. We just abandoned it.
Tags: access, advisory, authentication, awareness, backup, cisa, ciso, cloud, control, cyber, cybersecurity, data-breach, email, exploit, firewall, flaw, governance, government, Hardware, identity, infrastructure, Internet, resilience, risk, router, rust, service, software, strategy, technology, update, zero-trustIndustry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it.The FBI’s Winter SHIELD effort is the operational side of the…
-
What optimization can be expected from AI-driven audits
How Are Non-Human Identities Redefining Cybersecurity? What are the implications of Non-Human Identities (NHIs) on contemporary cybersecurity strategies? Where increasingly reliant on digital, NHIs stand as crucial elements. These machine identities, which are becoming pivotal in securing environments, represent a sound intersection of technology and security strategies. Understanding Non-Human Identities NHIs are more than mere……
-
US sanctions North Korea IT worker networks in Laos, Vietnam
The latest round of sanctions targeted Amnokgang Technology Development Company, a North Korean company that manages delegations of IT workers, and Quangvietdnbg International Services Company, a Vietnamese firm used by North Korean actors for currency conversion services. First seen on therecord.media Jump to article: therecord.media/us-sanctions-north-korea-it-worker-networks-laos-vietnam
-
Destructive Activity Targeting Stryker Highlights Emerging Supply Chain Risks
On March 11th, medical technology company Stryker disclosed that a cyberattack had disrupted portions of its global network infrastructure, affecting Microsoft systems used across the organization. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/destructive-activity-targeting-stryker-highlights-emerging-supply-chain-risks/
-
Reuse, Reward: How Banks Can Safely Unlock the Value of Their Data
<div cla The financial world is awash with data. But too few organizations are able to use it effectively. In Bank Director’s 2025 Technology Survey, one-third of US banking leaders cite an inability to harness data as a top technology challenge facing their institution. They run the risk of falling behind their peers. For instance,…
-
Payment Giant Verifone Disputes Iranian Hacking Group Hit
Tehran-Linked Handala Hackers Disrupt Medtech Giant Stryker, Claim Verifone Breach. As the United States and Israel continue their war with Iran, Tehran-linked hacking group Handala has entered the fray, claiming credit for wiping systems at medical technology firm Stryker, which confirmed the attack, as well as breaching payment device maker Verifone, which denied being breached.…
-
Iran-Linked Hacktivists Claim Wiper Attack on Stryker Systems
Iran-linked hacktivists claim responsibility for a cyberattack that disrupted global operations at medical technology company Stryker. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/iran-linked-hacktivists-claim-wiper-attack-on-stryker-systems/
-
RSAC 2026 Innovation Sandbox Glide Identity: Building a Next-Generation AI Passwordless Authentication Platform
Tags: access, ai, authentication, conference, control, cyber, identity, intelligence, network, startup, technologyCompany Profile With the rapid development of artificial intelligence technology today, identity and access control have leapt from a simple security component to the core control plane of the digital world. Against this backdrop, Glide Identity, a startup shortlisted for the 2026 RSA Conference Innovation Sandbox, stands out. The company is committed to breaking down…The…
-
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker’s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at…
-
Medtech Firm Stryker Disrupted by Pro-Iran Hackers
Iran Expands Targeting, Including AWS, Google and Microsoft Infrastructure. Michigan-based medical technology giant Stryker appears to have been hacked by a pro-Iranian group called Handala, leading to global operations being disrupted, IT devices remotely wiped and terabytes of data being stolen. Experts said Handala appears to be a faketivist group run by Tehran. First seen…
-
Medtech giant Stryker offline after Iran-linked wiper malware attack
Leading medical technology company Stryker has been hit by a wiper malware attack claimed by Handala, an Iranian-linked and pro-Palestinian hacktivist group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/medtech-giant-stryker-offline-after-iran-linked-wiper-malware-attack/
-
KnowBe4 launches AI agent to tailor security awareness assessments
KnowBe4 has expanded its Artificial Intelligence Defense Agents (AIDA) suite with the launch of a new AI-powered assessment tool designed to help organisations measure human cyber risk more accurately. The company has introduced the Custom SAPA (Security Awareness Proficiency Assessment) AI Agent, which generates tailored security awareness assessments based on an organisation’s own technology environment,…