Topic: incident response
- 
ENISA to Lead €36m EU-Wide Cybersecurity Response Initiative
The EU has allocated €36 million to ENISA to coordinate a cybersecurity response initiative, enhancing collective resilience against large-scale cyber incidents across member states and partner nations. ENISA will manage the EU Cybersecurity Reserve, a virtual pool of private sector services, to ...
Read More » - 
Semperis Unifies Identity Recovery for Faster Cyber Response
Semperis has launched Ready1 for Identity Crisis Management, a no-cost offering that integrates its identity recovery tools with a structured crisis management system to help businesses quickly resume operations after identity attacks. The platform provides automated features like a command-and-c...
Read More » - 
Bitdefender & CYPFER: End-to-End Cyber Resilience for Businesses
Bitdefender and CYPFER have partnered to provide end-to-end cyber resilience, integrating incident response, forensic investigation, and rapid recovery into Bitdefender's security portfolio for businesses of all sizes. The collaboration combines Bitdefender's threat detection and intelligence wit...
Read More » - 
Ready1 Restores Operations After Identity Breach Crisis
Semperis has launched Ready1, an integrated platform for managing identity crises by combining Active Directory Forest Recovery, Disaster Recovery for Entra Tenant, and Identity Forensics services to help organizations quickly restore operations after cyberattacks. The platform features automated...
Read More » - 
Federal Agency Hacked Through GeoServer Vulnerability
A federal agency suffered a cybersecurity breach in July 2024 when attackers exploited a critical, unpatched vulnerability in a public-facing GeoServer, allowing them to deploy malicious tools and establish persistence. The attackers used the same vulnerability to breach a second server, moved la...
Read More » - 
Hiring Now: Cybersecurity Jobs in October 2025
A variety of cybersecurity roles are available globally in October 2025, including positions for analysts, engineers, consultants, and leadership, with options for remote, on-site, or hybrid work arrangements. Key leadership positions like Chief Information Security Officer (CISO) involve develop...
Read More » - 
SolarWinds AI Agent Advances Autonomous Operations
SolarWinds has introduced an AI Agent and enhanced AI capabilities to help IT departments achieve autonomous operational resilience by predicting problems, automating responses, and reducing cognitive load on human operators. The AI Agent functions as a digital team member, supporting observabili...
Read More » - 
Top Cybersecurity Jobs Hiring Now | October 2025
Cybersecurity careers are thriving with high demand across sectors like energy, finance, and healthcare, requiring technical skills and strategic thinking to protect infrastructure from evolving threats. Key roles include Threat Intelligence Analysts, Application Security Engineers, and Cloud Sec...
Read More » - 
Putting NICE Guidelines into Practice: Training Insights
SMBs can effectively train employees against cyber threats by focusing on a streamlined, scenario-based program derived from the NICE Framework, targeting the most common attacks like phishing, malware, and web-based threats. The training integrates technical skills with legal knowledge through r...
Read More » - 
Remote Access Abuse: The #1 Sign of a Ransomware Attack
Abuse of remote access software and services is the most common warning sign of an impending ransomware attack, as cybercriminals exploit tools like RDP, AnyDesk, and PowerShell to gain domain administrator privileges. Key defenses include configuring security tools to allow only trusted applicat...
Read More » - 
Hackers Breach Federal Agency via GeoServer Flaw, CISA Warns
A critical vulnerability (CVE-2024-36401) in GeoServer was exploited to breach a U.S. federal agency's network after attackers compromised an unpatched server. The attackers moved laterally from the initial entry point, deploying malicious tools like China Chopper and using brute force attacks to...
Read More » - 
NETSCOUT Enhances Cloud Compliance for Enterprises
NETSCOUT has enhanced its Omnis KlearSight Sensor for Kubernetes to provide deeper visibility for compliance, accelerating threat detection and validating zero-trust policies in response to widespread Kubernetes adoption. The platform addresses compliance risks by capturing packet- and process-le...
Read More » - 
F5 Source Code Stolen by Nation-State Hackers in Data Breach
F5 experienced a security breach by a nation-state actor who stole BIG-IP source code and vulnerability data, potentially enabling the creation of new exploits. The company has contained the incident, implemented security enhancements, and found no evidence of critical vulnerabilities or customer...
Read More » - 
Crafting an Effective Healthcare Cybersecurity Strategy
Focus on foundational cybersecurity controls like vulnerability management and network segmentation to maximize protection with limited resources, as they offer high-impact risk reduction. Cultivate a strong cybersecurity culture through staff training, making the workforce a cost-effective first...
Read More » - 
Hiring Now: Top Cybersecurity Jobs in September 2025
A wide range of top cybersecurity roles are available globally in September 2025, reflecting high demand for experts in protecting digital assets across various industries and work arrangements. Key positions include specialized roles such as Application Security Architect, Chief Information Secu...
Read More » - 
Urgent: Change Your Plex Password Now
Plex has experienced a security breach where an unauthorized party accessed customer data, including email addresses, usernames, and securely hashed passwords. The company has addressed the vulnerability and recommends users immediately reset their passwords and enable two-factor authentication f...
Read More » - 
Hiring Now: Top Cybersecurity Jobs for September 2025
The cybersecurity job market is expanding rapidly due to increasing cyber threats, with high demand for specialized roles across various sectors and countries. Key positions include Chief Information Security Officers (CISOs) who develop security strategies and manage risk, and other roles like C...
Read More » - 
Survive a Ransomware Attack on Active Directory: An Executive Guide
Active Directory is critical for enterprise identity management, and rushing recovery after a ransomware attack can worsen damage by reintroducing malware or compromised settings. Attackers typically use legitimate credentials to infiltrate, then escalate privileges by exploiting weaknesses like ...
Read More » - 
Secure Your Google Workspace: Protect Data, Not Just Access
Modern digital workplaces face security challenges from interconnected tools, where attackers exploit legitimate access tokens rather than breaching traditional perimeters. Recent incidents, like the Drift Email compromise, show that third-party integrations can bypass robust security frameworks,...
Read More » - 
Akira Ransomware Hijacks Victim's Remote Management Tool
Hackers used the trusted Datto RMM tool and a Living Off The Land strategy to deploy Akira ransomware, disguising their actions as normal IT operations to avoid detection. The attack was halted by Barracuda Managed XDR, which detected the encryption activity and immediately isolated the compromis...
Read More » - 
Flowmon ADS 12.5: Effortless Threat Detection Made Simple
Progress Software has launched Flowmon ADS 12.5, an AI-powered anomaly detection system designed to simplify threat identification and provide enhanced network visibility for organizations. The solution addresses challenges like alert fatigue and resource constraints, especially for midsize busin...
Read More » - 
SonicWall Urges Password Reset Following Security Breach
SonicWall has advised customers to reset passwords after detecting unauthorized access to firewall configuration backup files in some MySonicWall accounts, which contain sensitive data like credentials and tokens. The company confirmed this was not a ransomware attack but a series of targeted bru...
Read More » - 
3 Must-Haves to Survive a Cyberattack
Swift and effective response to a cyberattack depends on having clarity, control, and a reliable lifeline already in place. Clarity involves real-time detection and understanding of the incident's scope, enabling informed decisions to isolate and manage threats. Control means the ability to conta...
Read More » - 
Qualys, Tenable Hit in Salesloft Data Breach
Tenable and Qualys experienced unauthorized access to their Salesforce data due to stolen OAuth tokens from the Salesloft Drift application, highlighting risks from third-party integrations. Both firms confirmed their core products and services were unaffected, and they responded by disabling the...
Read More » - 
Securing Farms from Cyber Threats: A John Deere CISO Q&A
Modern agriculture relies heavily on interconnected, software-driven systems, making cybersecurity as critical as physical equipment to protect the supply chain from threats. John Deere employs a security-by-design approach, integrating protections from development through testing, and collaborat...
Read More » - 
Top Cybersecurity Products Launched This Week: October 2025
OPSWAT's MetaDefender Drive offers a portable, network-free threat scanner for securely validating temporary devices before they access protected networks. Radiflow360 integrates operational technology risk management, compliance, and incident response into a unified platform for mid-sized indust...
Read More » - 
F5 Issues Critical Patches for Stolen BIG-IP Vulnerabilities
F5 Networks issued critical security patches for its BIG-IP product line after a state-sponsored breach on August 9, 2025, which exposed proprietary source code and vulnerabilities, urging immediate installation to address 44 issues. The Cybersecurity and Infrastructure Security Agency (CISA) man...
Read More » - 
Red Hat Admits GitLab Hack, User Data Stolen
Red Hat confirmed a security breach of an internal GitLab system used by its Consulting team, initially misreported as targeting GitHub, where a cybercriminal group claimed to have stolen substantial proprietary data. The attackers, Crimson Collective, allegedly exfiltrated around 570 GB of compr...
Read More » - 
CISA Steps In as Federal MS-ISAC Funding Ends
The longstanding cooperative agreement between CISA and the Center for Internet Security has ended, shifting cybersecurity support for state, local, tribal, and territorial governments to be provided directly by CISA through grants, tools, and expert assistance. Federal funding for the MS-ISAC's ...
Read More » - 
ManageEngine Reduces SOC Alert Fatigue with Reengineered Detection
Security operations centers are overwhelmed by excessive alerts, making it difficult to distinguish critical threats from irrelevant noise. ManageEngine's Log360 introduces a reengineered detection system that reduces false positives and improves threat coverage with over 1,500 prebuilt, continuo...
Read More » - 
Major Cybersecurity Firms Impacted by Salesloft Data Breach
A data breach at Salesloft impacted over 700 organizations, including major cybersecurity firms, by compromising OAuth tokens to access Salesforce databases and Google Workspace accounts. Attackers, identified as UNC6395, targeted AWS access keys, passwords, and Snowflake tokens, posing risks for...
Read More » - 
Go Beyond Checklists: Build a Mature Automotive Cybersecurity Program
A mature automotive cybersecurity program requires a foundation in established frameworks like ISO, but must go beyond compliance by developing a tailored risk management strategy that addresses unique threats and deploys proactive controls across the enterprise. Comprehensive threat visibility, ...
Read More » - 
Securing AI Agents in SaaS with Obsidian
Obsidian Security has launched a new defense system specifically designed to secure AI agents in SaaS environments, addressing the security gaps and cascading threats created by their rapid integration and excessive permissions. The proliferation of AI agents, such as those from Microsoft Copilot...
Read More » -
Australia's Cyber Crisis: A Call to Action for Businesses
Australian businesses face sophisticated cyber campaigns aimed at crippling economic stability and critical national functions, moving beyond simple data theft to cause national paralysis. The conflict in Ukraine demonstrated that cyber warfare is synchronized with military operations, targeting ...
Read More » -
Stop Insider Threats: A Human-Centric Security Platform
A significant 60% of data breaches stem from internal actors, highlighting the critical vulnerability of the human element in cybersecurity. The Syteca platform offers a multi-layered defense with features like user session monitoring, sensitive data masking, and automated alerting to address ins...
Read More » - 
F5 Hack Puts Thousands of Networks at Imminent Risk
A sophisticated nation-state hacking group breached F5's network, exposing proprietary source code and undisclosed vulnerability data, endangering thousands of government and corporate networks that rely on BIG-IP appliances. The attackers maintained persistent access for years, gaining control o...
Read More » - 
Corelight's AWS Flow Monitoring Ends Cloud Blind Spots
Corelight's new Flow Monitoring solution for AWS provides unified network visibility across cloud and hybrid infrastructures, reducing SIEM and storage costs by up to 90% compared to traditional methods. The solution converts high-volume AWS flow data into enriched, security-focused intelligence,...
Read More » - 
UK Arrests Suspect in RTX Ransomware Attack That Disrupted Airports
A ransomware attack on Collins Aerospace's MUSE software caused widespread flight disruptions at European airports, leading to an arrest by UK authorities. The MUSE software, which runs on separate customer networks, is critical for shared airport operations like check-ins and baggage handling, a...
Read More » - 
New 'Obscura' Ransomware Emerges as Stealthy Threat
A new ransomware called "Obscura," discovered in late August 2025, uses domain infrastructure to stealthily spread across corporate networks by placing itself in the NETLOGON share for automatic replication. Upon execution, it disables recovery mechanisms like Volume Shadow Copies, terminates ove...
Read More » - 
SonicWall Confirms Firewall Backup Files Breached in Cyberattack
SonicWall experienced a security breach where unauthorized access to its cloud backup service exposed sensitive firewall configuration data for a small subset of customers. The compromised files did not contain unencrypted credentials but included details that could help threat actors target rela...
Read More » - 
Self-Propagating Attack Infects 187 npm Packages
A self-propagating worm named 'Shai-Hulud' has compromised at least 187 npm packages, starting with @ctrl/tinycolor and spreading to include modules under CrowdStrike’s namespace. The malware injects malicious scripts to steal sensitive credentials using TruffleHog and creates unauthorized GitHub...
Read More » - 
CrowdStrike & Meta Simplify AI Security Tool Evaluation
CrowdStrike and Meta have launched CyberSOCEval, an open-source benchmarking suite to evaluate large language models' effectiveness in critical security tasks. The framework tests LLMs in incident response, threat analysis, and malware detection to help organizations identify genuinely effective ...
Read More » - 
Education Sector Fortifies Ransomware Defenses, But IT Teams Pay a Heavy Price
Educational institutions are improving ransomware defenses, with 97% successfully recovering encrypted data and average ransom payments dropping significantly. Despite progress, vulnerabilities persist due to inadequate staffing and evolving threats like AI-enhanced phishing, while IT staff face ...
Read More » - 
Wealthsimple Data Breach: Supply Chain Attack Exposes User Info
A data breach at Wealthsimple compromised sensitive client information due to a supply chain attack, but no account passwords or funds were accessed. Exposed data includes contact details, government IDs, Social Insurance Numbers, dates of birth, IP addresses, and account numbers, with affected c...
Read More » - 
Fintech Firm Targeted in $130M Bank Heist Attempt by Hackers
Hackers attempted to steal approximately $130 million from Sinqia S.A., a Brazilian fintech subsidiary, by exploiting stolen credentials to access Brazil's Pix payment network. The breach was detected and contained, with some funds recovered and no customer data compromised, though Sinqia's acces...
Read More » - 
Top Cybersecurity Jobs Hiring Now: August 26, 2025
The global demand for skilled cybersecurity professionals is rising across diverse industries, including construction, retail, finance, and government, offering opportunities at all career levels. Numerous organizations worldwide are actively hiring for a variety of cybersecurity roles, ranging f...
Read More » - 
Malicious npm Code Infiltrated 10% of Cloud Environments
A supply chain attack using malicious npm packages has compromised about 10% of cloud environments, initiated by a threat actor who hijacked a developer's account to publish trojanized packages. The malicious code, which embedded crypto-stealing malware to intercept and reroute cryptocurrency tra...
Read More » - 
AI-Generated Code: The Hidden Cost of Human Cleanup
AI-generated code now accounts for about a quarter of production code but introduces new vulnerabilities, with many organizations experiencing security incidents due to flaws in this automated output. Accountability for security breaches involving AI-generated code is unclear, as responsibility i...
Read More » - 
NETSCOUT Boosts Kubernetes Visibility with Continuous Observability
NETSCOUT has launched the Omnis KlearSight Sensor for Kubernetes to provide deep, real-time insights into performance, health, and costs in complex multi-cluster environments. The solution captures decrypted packets directly from the Linux kernel using eBPF technology, enabling visibility into en...
Read More » - 
Illumio's AI Agent Slashes Alert Fatigue, Speeds Threat Response
Illumio's Insights Agent tackles alert fatigue by providing real-time, tailored alerts and one-click remediation recommendations, helping security teams prioritize and neutralize threats efficiently. The system delivers persona-based AI guidance, offering role-specific risk assessments and action...
Read More »