DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
The New York Department of Financial Services (“NYDFS”) implemented the final phases of amendments to its NYDFS Cybersecurity Regulation (23 NYCRR Part 500) in May and November....more
Threat actors had another banner year in 2025. As we head into 2026, looking back on the five top security threats of 2025 may inform our strategy and budgeting for 2026 to prepare for the continued onslaught of attacks....more
The European Central Bank (ECB) has published its guide on implementing the Threat Intelligence-based Ethical Red Teaming (TIBER-EU) framework for mandatory threat-led penetration testing (TLPT) of significant institutions...more
The statistics listed in the Quarterly Threat Report: Third Quarter, 2025, issued by Beazley Security are eye popping. They include: August and September showed a sharp increase in ransomware activity, with those months...more
The quality of the CFPB’s information security program “has decreased since last year, leading us to conclude the program no longer is effective,” the bureau’s Inspector General (IG), said in a report. The bureau’s overall...more
Recently, the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), and Canadian Centre for Cyber Security...more
A new report from Anthropic, a leading Artificial Intelligence (AI) company, highlights a troubling development in the cybersecurity landscape: threat actors are now using AI to automate nearly every step of a cyber extortion...more
The holidays are upon us, and the last thing retailers want to do is respond to a security incident. Close behind, we’re sure, are changes to systems and policies at this time of year. But what can you do now to...more
A recent campaign by the CL0P ransomware group has targeted on-premises, customer-managed Oracle E-Business Suite (EBS) systems, resulting in the potential for widespread data exfiltration and extortion attempts. The...more
Oracle has confirmed that the threat actor group Cl0p is actively exploiting a zero-day vulnerability in the Oracle E-Business Suite product, versions 12.2.3-12.2.14. On October 4, 2025, Oracle advised its customers in a...more
On 24 September 2025, Singapore’s Police Force (SPF) issued a formal Implementation Directive (Directive) to a major social media platform (Platform), requiring urgent remedial action in response to a sharp rise in...more
What’s Happening: Recent investigations by leading threat intelligence and incident response teams have identified a sophisticated and persistent cyber campaign leveraging the BRICKSTORM malware, attributed to UNC5221 and...more
U.S. federal agencies, including the Federal Bureau of Investigation (FBI), National Security Agency, and Cybersecurity and Infrastructure Security Agency (CISA), along with security and intelligence agencies from 12 partner...more
On August 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the United States Department of Defense...more
Illumina, Inc., a publicly-traded biotechnology company, agreed to a $9.8 million settlement with the U.S. Department of Justice (DOJ) in response to alleged violations of the False Claims Act (FCA). DOJ alleged that Illumina...more
The UK Financial Conduct Authority (FCA) published a summary of discussions held throughout 2024 with industry members of the FCA's Cyber Coordination Group programme. The publication is not intended to introduce any...more
The Cybersecurity & Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and international partners issued an updated advisory on July 29, 2025, highlighting the evolving tactics, techniques, and...more
Ransomware group Akira is believed to be behind a large number of attacks that appear to be tied to SonicWall firewalls with SSLVPN enabled. Over the past week, a large number of attacks by the ransomware group Akira have...more
Introduction - On July 19, 2025, Microsoft announced two new vulnerabilities that are actively being exploited (CVE-2025-49704 and CVE-2025-49706) and that relate to on-premises Microsoft SharePoint instances that are exposed...more
Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), and a remote code execution vulnerability (CVE-2025-49704) are being actively...more
On July 20, 2025, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) issued urgent warnings about new, actively exploited vulnerabilities in Microsoft SharePoint Server. These vulnerabilities, known as...more
Microsoft has just disclosed a serious vulnerability in SharePoint (CVE-2025-53770) that allows unauthenticated attackers to remotely execute code in a SharePoint server hosted on-prem – no user interaction required....more
The European Union Agency for Cybersecurity (ENISA) has launched the European Vulnerability Database (EUVD), a tool designed to enhance digital security across the EU. The EUVD is available here....more
On May 1, 2025, additional enhanced cybersecurity controls required by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) take...more
SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise...more