RansomwareMost cyber insurance claims stem from BEC, fraud, report saysLaura FrenchMay 7, 2025The Coalition 2025 Cyber Claims Report revealed an increase in severity of BEC losses in 2024.
RansomwareMamona ransomware lowers the bar with offline encryptionLaura FrenchMay 6, 2025Simplistic “commodity” ransomware makes it easy to launch low-skill attacks.
RSACRSAC 2025: Top 5 mobile app risks revealed by half a million assessmentsLaura FrenchMay 1, 2025Organizations can’t assume apps from the Apple and Google Play stores have been tested for security.
RSACRSAC 2025: Vishing defenses that go beyond trainingLaura FrenchApril 30, 2025Voice firewalls, call authentication and real-time fraud detection offer robust vishing prevention.
AI/MLRSAC 2025: Being realistic about fixing code with LLMsLaura FrenchApril 29, 2025More than 2,500 test runs show the code analysis capabilities and limitations of popular models.
AI/MLRSAC 2025: Agentic AI highlights need for inclusive authentication methodsLaura FrenchApril 29, 2025Flexibility aids both AI agent and disability-accessible identity management.
AI/MLRSAC 2025: Using an ‘MRI’ for neural networks to understand LLM jailbreaksLaura FrenchApril 28, 2025CyberArk researchers studied how specific neurons and layers of LLM architecture respond to prompts.
Vulnerability ManagementMicrosoft Office 365 MFA targeted by ‘SessionShark’ phishing kitLaura FrenchApril 25, 2025The malicious service is advertised to evade detection and closely mimic a real login page.
AI/ML‘Vibe coding’ using LLMs susceptible to most common security flawsLaura FrenchApril 24, 2025OpenAI’s models were most likely to produce vulnerable code in tests by Backslash Security.
Cloud SecurityGoogle fixes Cloud Composer privilege escalation vulnerabilityLaura FrenchApril 22, 2025Tenable researchers say “ConfusedComposer” highlights how attackers can exploit cloud service permissions.
