Zero Trust: Beyond the hype, toward reality
Security is approaching Zero Trust all wrong. Vendors are promising too much and delivering too little.
Information Security Buzz
20 articles
From AI hype to operational reality: A practitioner’s framework for securing agentic systems
Most organizations already have AI governance discussions underway. They have policies, working groups, acceptable-use guidance, and long lists of principles...
The missing link in cyber resilience: Bridging the identity visibility gap
The enterprise security perimeter didn’t evolve; it dissolved, and what replaced it isn’t a newer, stronger boundary. It’s the absence of one.
Dutch police, NCSC take down major botnet
A collaboration between the Dutch National Police and the National Cyber Security Centre (NCSC), has seen a large botnet being shut down. In this operation, ...
Palo Alto warns of active exploitation of GlobalProtect authentication bypass flaw
Palo Alto Networks has alerted customers about the ongoing exploitation of the authentication bypass vulnerability in PAN-OS GlobalProtect. The vulnerability...
CrowdStrike, Google, and Shadowserver Foundation disrupt Glassworm botnet
CrowdStrike has shared details of a coordinated operation used to disable the Glassworm botnet, which targets software developers and leverages open-source e...
Artificial intelligence and elections: When an election is annulled because of TikTok
On 6 December 2024, the Constitutional Court of Romania took an unprecedented step: it annulled the first round of the country’s presidential election. Not o...
Threat Actors Deploy Tiflux RMM for Persistent Remote Access
Threat actors are abusing legitimate RMM tools as a means of creating persistence inside victims’ systems, using the Tiflux RMM tool. Tiflux is a reputable B...
Building cyber resilience for mission-critical operations in 2026
For a long time, cybersecurity has been viewed as a technology-based problem, with leaders focused on crafting intelligent protective systems designed to pre...
Major US telecom providers debut C2 ISAC to counter AI-driven threats
Eight of the leading communications companies in the United States have created a new cybersecurity alliance that aims to improve threat intelligence sharing...
Expert panel: Passwordless security and the new identity battleground
For years, passwords were the only thing that mattered for securing our online presence, but the discussion around authentication is evolving rapidly. Passke...
Verizon DBIR 2026: What the experts are saying
According to the 2026 Verizon Data Breach Investigations Report, the threat environment is transforming in terms of speed, scale, and interconnected risk. Fo...
Exploited Faster, Patched Slower: Verizon DBIR 2026 Shows Security Teams Losing Ground
The Verizon 2026 Data Breach Investigations Report (DBIR) reveals a threat environment moving much faster than many organizations can reasonably protect them...
How EM is Boosting the Career Trajectory of VM Analysts
As organizations shift from vulnerability management (VM) to exposure management (EM), the role of the VM analyst must evolve or become outmoded. This necess...
NCSC warns organisations not to rush into agentic AI
UK’s National Cyber Security Centre (NCSC) has advised businesses to proceed with caution when considering the implementation of agent-based AI, suggesting t...
7-Eleven Notifies Franchise Applicants After Breach Exposes Personal Data
A security breach notification process has been initiated by 7-Eleven as a result of a security incident where an outside party was able to gain access to th...
OpenAI rotates certificates after TanStack supply chain attack hits employee devices
OpenAI has confirmed that two employee devices were compromised in the recent TanStack npm supply chain attack, prompting the company to rotate code-signing ...
Microsoft discloses Exchange zero-day with no patch yet available
Microsoft has disclosed a zero-day vulnerability that affects Exchange Server 2016, 2019, and Subscription Edition. This vulnerability would give bad actors ...
Beyond deepfakes: Building identity resilience against AI impersonation
Generative AI is changing the economics of identity fraud. Voice cloning, real-time face animation, synthetic documents, and AI-assisted social engineering a...
Cyberattack on West Pharmaceutical halts manufacturing across multiple sites
West Pharmaceutical Services has disclosed a ransomware attack that disrupted manufacturing, shipping, and receiving operations across multiple global facili...