Is Outlook Email Encryption HIPAA Compliant? A Complete Guide for 2026
Key Takeaways Outlook can support HIPAA compliance, but only with Microsoft 365 E3 or higher and proper configuration. Standard...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
Ravie LakshmananMar 05, 2026Malware / Threat Intelligence A suspected Iran-nexus threat actor has been attributed to a campaign targeting government...
Where Multi-Factor Authentication Stops and Credential Abuse Starts
Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are no longer enough to access systems. In Windows...
APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
Ravie LakshmananMar 05, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have disclosed details of a new Russian cyber campaign that...
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at...
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
Ravie LakshmananMar 05, 2026Malware / Dark Web A joint law enforcement operation has dismantled LeakBase, one of the world's largest...
Europol, Microsoft, TrendAI™ and Collaborators Halt Tycoon 2FA Operations
The operations of phishing-as-a-service (PhaaS) platform Tycoon 2FA was taken offline this week by the combined effort of law enforcement that includes Europol and other partner agencies, as well...
2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk
This post is a companion piece to our presentation at Real World Crypto (RWC) 2026 in Taipei, Taiwan on...
Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1
Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1 Pierluigi Paganini March 05, 2026 Google warns of the Coruna iOS...
Protecting education: How MDR can tip the balance in favor of schools
Business Security The education sector is notoriously short on cash, but rich in assets for threat actors to target. How...
Post-Quantum Cryptographic Agility in MCP Resource Governance
Introduction to the 4 Pillars in the Quantum Era Honestly, if you're still relying on basic firewalls to protect...
Cisco fixes maximum-severity Secure FMC bugs threatening firewall security
Cisco fixes maximum-severity Secure FMC bugs threatening firewall security Pierluigi Paganini March 04, 2026 Cisco patched two critical Secure FMC...
Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR
Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR Pierluigi Paganini March 04, 2026 Security teams want lower...
Smashing Security podcast #457: How a cybersecurity boss framed his own employee
When a top cybersecurity firm discovered it had a leak, you would expect the FBI to be called. Instead, the...
How does NHI management empower proactive security measures
What Does NHI Management Mean for Your Enterprise’s Security? How do organizations ensure their digital assets remain secure amidst...
