A new variant of data-wiping malware, identified as CryWiper, has emerged and is specifically targeting Russian government institutions, such as mayoral offices and courthouses. Unlike traditional ransomware that encrypts data, CryWiper masquerades as ransomware but ultimately destroys data without providing any means of recovery. Kaspersky researchers Fedor Sinitsyn and Janis…
Artificial Intelligence & Machine Learning, Governance & Risk Management, Identity & Access Management Why CISOs Must Rethink Access, Behavioral Analytics and AI Governance at Scale Joe Cozzupoli • September 9, 2025 Image: Shutterstock Zero trust has evolved from a mere buzzword into a fundamental component of contemporary security frameworks. The…
Cybersecurity experts are sounding alarms about a recent campaign utilizing cracked software versions to spread information-stealing malware, including notable variants such as Lumma and ACR Stealer. The AhnLab Security Intelligence Center (ASEC) has reported a significant increase in ACR Stealer distributions since January 2025. This malware employs a technique known…
Risks in Data Center Lending: Development Delays and SLA Breaches Recent reports highlight increasing concerns surrounding data center lending, revealing significant risks associated with development delays and breaches of Service Level Agreements (SLAs). These challenges are gaining attention as they threaten not only the financial integrity of data center operations…
A targeted cyber intrusion campaign has been actively engaging telecommunications and business process outsourcing (BPO) companies since at least June 2022. This ongoing assault aims to infiltrate mobile carrier networks and is characterized by SIM swapping techniques, as highlighted in recent investigations by CrowdStrike. Researcher Tim Parisi detailed these findings…
Professional Certifications & Continuous Training, Training & Security Leadership The Power of Tech Tools: Understanding Fundamentals is Essential Brandy Harris • September 10, 2025 Image: Shutterstock The initial encounter with advanced tools often feels transformative; much like the experience of using a scientific calculator for the first time, users may…
The cybersecurity landscape has experienced notable turbulence in the first quarter of 2025, marked by intensifying attacks from cybercriminals employing innovative methods to breach defenses. This report highlights significant malware families and their corresponding analyses within controlled environments. One of the prominent threats this quarter is the NetSupport Remote Access…
This week, cybersecurity concerns took center stage as several prominent companies revealed serious data breaches linked to vulnerabilities in third-party service providers. The incidents, notably affecting Tenable, Qualys, and Workday, underscore the significant risks inherent in today’s digital supply chain. Tenable and Qualys, well-known leaders in vulnerability management, disclosed that…
A significant security exploit has been identified within the Next.js React framework, revealing a potential pathway for attackers to bypass authorization checks under specific circumstances. The vulnerability is identified as CVE-2025-29927 and has been assigned a CVSS score of 9.1, indicating its high severity. According to an advisory from Next.js,…
