Series A Accelerates AI Development, Integration Expansion, and Product-Led Growth Strategy Michael Novinson (MichaelNovinson) • September 4, 2025 Sola Security CEO Guy Flechter and COO Ron Peled (Image: Sola Security) Sola Security, under the leadership of former Palo Alto Networks’ application security head, has successfully secured $35 million in Series…
Potential Security Breach Due to Misissued TLS Certificates A recent alarming security discovery has raised concerns about the vulnerabilities inherent in the public key infrastructure (PKI) supporting internet trust. The precise details surrounding the organization or individual responsible for acquiring unauthorized credentials remain unclear, as representatives from Fina have not…
In a recent report, Google disclosed its findings on the exploitation of 75 zero-day vulnerabilities throughout 2024, a decline from 98 detected in 2023 yet an increase from the previous year’s 63. Notably, 44% of these vulnerabilities primarily targeted enterprise products, with 20 affecting security software and appliances. The Google…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Exploitation of Microsoft Blocklist Gap: Silver Fox’s Undetected Operations Pooja Tikekar ( @PoojaTikekar) • September 2, 2025 Image: Jim Cumming/Shutterstock A cyber-espionage campaign attributed to a Chinese nation-state actor, identified as Silver Fox, has successfully exploited a gap in Microsoft’s signed driver…
This week, cybersecurity experts reported a notable uptick in stealthy tactics employed by malicious actors, indicating that the real challenge may lie in identifying the threats that have already infiltrated systems rather than defending against external breaches. Attack methodologies increasingly leverage AI to manipulate public opinion, while malware masquerades within…
Amazon has effectively thwarted a watering hole campaign orchestrated by the Russian APT29, known as Midnight Blizzard, which exploited compromised websites to undermine Microsoft authentication through malicious redirects. The incident came to light when Amazon’s security team discerned new activities from APT29, a threat group correlated with Russia’s Foreign Intelligence…
Phishing has long been a pervasive threat to both businesses and consumers, with its tactics rooted in social engineering to extract sensitive information. This issue continues to escalate, as recent statistics indicate that phishing has accounted for more than 30% of all documented security breaches. The COVID-19 pandemic exacerbated the…
Microsoft has disclosed that a recently patched security vulnerability within the Windows Common Log File System (CLFS) was actively exploited as a zero-day in targeted ransomware attacks against several entities. This flaw, identified as CVE-2025-29824, was employed to escalate privileges, thus granting attackers SYSTEM-level access. The affected organizations span multiple…
Cloud Security, Government, Industry Specific U.S. Defense Department Halts and Reviews Microsoft’s ‘Digital Escorts’ Program Chris Riotta (@chrisriotta) • August 29, 2025 Image: Austin Nooe/Shutterstock The U.S. Department of Defense (DoD) has launched a review of Microsoft’s employment of Chinese nationals to assist in coding for military cloud infrastructure. This…
