Adaptable Secrets Vaulting for Dynamic Environments
Are You Fully Optimizing Non-Human Identities in Cybersecurity? Ensuring the security and efficiency of Non-Human Identities (NHIs) is crucial. These...
Security
Randall Munroe’s XKCD ‘’100% All Achievements”
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink *** This is a Security Bloggers...
A critical WatchGuard Fireware flaw could allow unauthenticated code execution
A critical WatchGuard Fireware flaw could allow unauthenticated code execution Pierluigi Paganini October 17, 2025 A critical WatchGuard Fireware vulnerability,...
Q3 Ransomware Attacks Increase 36% YoY, BlackFog Report Reveals
Image: AVC Photo Studio/Adobe Stock A fog has lifted, and the news about ransomware reveals we fell on black days....
Threat Intelligence Executive Report – Volume 2025, Number 5
The Counter Threat Unit™ (CTU) research team analyzes security threats to help organizations protect their systems. Based on observations in...
Microsoft revokes 200+ certificates abused by Vanilla Tempest in fake Teams campaign
Microsoft revokes 200+ certificates abused by Vanilla Tempest in fake Teams campaign Pierluigi Paganini October 17, 2025 Microsoft revoked 200+...
PowerSchool hacker got four years in prison
PowerSchool hacker got four years in prison Pierluigi Paganini October 17, 2025 Matthew D. Lane, a Massachusetts student, got four...
Differences Between Secure by Design and Secure by Default
Introduction: The Rising Importance of Proactive Security Okay, so, proactive security – it's kinda a big deal now, right? I...
Attack Surface Management vs. Vulnerability Management — What’s Changed
For years, vulnerability management (VM) has been a cornerstone of cybersecurity services. Managed Security Providers (MSPs) and Managed Security...
Samba WINS Command Injection Vulnerability (CVE-2025-10230) Notice
Overview Recently, NSFOCUS CERT detected that Samba released a security update to fix the Samba WINS command injection vulnerability (CVE-2025-10230);...
Microsoft’s Patch Tuesday: 172 Flaws Fixed
Image: EV_Korobov/Adobe Stock Microsoft has released its October 2025 Patch Tuesday updates, addressing 172 security flaws, including six zero-day vulnerabilities....
SIEM, Startups, and the Myth (Reality?) of IT Inertia: A Reformed Analyst Reflects on SIEM MQ 2025
Vaguely magical and quadranty thing (Gemini) It’s not every day you get to reflect on a journey that started as an...
NDSS 2025 – Workshop on Binary Analysis Research (BAR) 2025, Session II: Applying Binary Analysis
Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS...
U.S. CISA adds Adobe Experience Manager Forms flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Adobe Experience Manager Forms flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini October 16, 2025 U.S. Cybersecurity...
China-linked APT Jewelbug targets Russian IT provider in rare cross-nation cyberattack
China-linked APT Jewelbug targets Russian IT provider in rare cross-nation cyberattack Pierluigi Paganini October 16, 2025 China-linked APT Jewelbug targeted...
