Safer Conversational AI for Cybersecurity: The BIX Approach
Here’s a scenario security teams increasingly face. A user—or an attacker pretending to be one—types something like: This is how...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass
ESET Research has discovered HybridPetya, on the VirusTotal sample sharing platform. It is a copycat of the infamous Petya/NotPetya malware,...
Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS
Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS Pierluigi Paganini September 12, 2025 Cisco addressed multiple high-severity...
CISA Lays Out Roadmap for CVE Program’s ‘Quality Era’
Five months after the future of the CVE program was thrown in doubt, CISA this week released a roadmap that...
Randall Munroe’s XKCD ‘Dual Roomba’
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink The post Randall Munroe’s XKCD ‘Dual...
Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks
Sep 12, 2025Ravie LakshmananVulnerability / Mobile Security Samsung has released its monthly security updates for Android, including a fix for...
Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms
Sep 12, 2025Ravie Lakshmanan Apple has notified users in France of a spyware campaign targeting their devices, according to the...
Cybersecurity Snapshot: Security Lags Cloud and AI Adoption, Tenable Report Finds, as CISA Lays Out Vision for CVE Program’s Future
Check out Tenable’s report detailing challenges and best practices for cloud and AI security. Plus, CISA rolled out a roadmap...
M365 Copilot customers get access to sales, service and finance AI assistants
Microsoft’s Copilots for sales, service and finance will be included in Microsoft 365 Copilot subscriptions at no extra cost, Microsoft said...
From Cyberbullying to AI-Generated Content – McAfee’s Research Reveals the Shocking Risks
The landscape of online threats targeting children has evolved into a complex web of dangers that extend far beyond simple...
Samsung fixed actively exploited zero-day
Samsung fixed actively exploited zero-day Pierluigi Paganini September 12, 2025 Samsung fixed the remote code execution flaw CVE-2025-21043 that was...
UK train operator LNER (London North Eastern Railway) discloses a data breach
UK train operator LNER (London North Eastern Railway) discloses a data breach Pierluigi Paganini September 12, 2025 LNER warns of...
Apple issues spyware warnings as CERT-FR confirms attacks
Apple issues spyware warnings as CERT-FR confirms attacks Pierluigi Paganini September 12, 2025 Apple warned users of a spyware campaign;...
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit
Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the...
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning
Sep 12, 2025Ravie LakshmananVulnerability / Cyber Espionage The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical...
