All Articles

In the realm of cybersecurity, human error accounts for 75% of breaches, yet it’s not just about “stupid humans.” Recent insights reveal that 10% of users contribute to 73% of risk, while over 60% foster vigilance. With the right empowerment, visibil

The Cybersecurity Vault — episode 48, with guests Wade Baker, Ashley Rose, and Sumona Banerji.

Are people the weakest link in cybersecurity or perhaps a powerful untapped asset?

Let’s explore the latest research data, tease out the behavioral importanc

We are entering the greatest window of opportunity for criminals and malicious actors since the creation of the Internet. Carnegie Mellon researchers have shown how AI systems can autonomously plan and execute cyberattacks against enterprise-grade de

Palo Alto, Calif., July 29, 2025, CyberNewswire — Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such as “Verified” and “Chrome Featured” provided by extension stores as a security in

Remember when I said don’t install browser extensions, as they have unimaginable access to your private data and secrets?  Well, password managers definitely fall into that category as well! 

In general, never install a browser extension, seriously –

Google’s vulnerability finding team is again pushing the envelope of responsible disclosure:

Google’s Project Zero team will retain its existing 90+30 policy regarding vulnerability disclosures, in which it provides vendors with 90 days before full

Microsoft recently introduced a new framework designed to assess the security of AI models. It’s always encouraging to see developers weaving cybersecurity considerations into the design and deployment of emerging, disruptive technologies. Stronger s

Security teams can no longer afford to wait for alerts — not when cyberattacks unfold in milliseconds.

That’s the core warning from Fortinet’s Derek Manky in a new Last Watchdog Strategic Reel recorded at RSAC 2025. As adversaries adopt AI-driven to

AI can be a powerful tool for security, allowing us to deploy agents at points of vulnerability. This proactive approach helps in scanning and protecting our systems more effectively.

Stuart Evans, a distinguished professor at Carnegie Mellon Univers

Newark, NJ, Aug. 4, 2025, CyberNewswire—Early Bird registration is now available for the inaugural OpenSSL Conference, scheduled for October 7–9, 2025, in Prague. The event will bring together leading voices in cryptography, secure systems, and open-

Are we ready for AI as it evolves to influence or drive business leadership roles?

Stuart Evans, a distinguished professor at Carnegie Mellon University, discusses the transformative impact of AI on leadership roles and business operations. We explore

An Arizona woman was sentenced to eight-and-a-half years in prison for her role helping North Korean workers infiltrate US companies by pretending to be US workers.

From an article:

According to court documents, Chapman hosted the North Korean IT wo

London, Aug. 11, 2025, CyberNewswire—A survey of 80 North American MSPs shows fragmented security stacks drive fatigue, missed threats, and business inefficiency

Security tools meant to protect managed service providers are instead overwhelming them

The Cybersecurity Vault with guest Michael Fasulo

The quantum cliff is coming. Q-Day is the point in time when quantum computers become powerful enough to break most data encryption. It is inevitable that legacy algorithms will be undermined and the r

Heads-up to my Intel and former Intel colleagues — a data breach has been discovered that exposed information on 270k workers. The good news, is that the data was probably not very sensitive as it was the internal system used to order business cards.

“Who’s winning on the internet, the attackers or the defenders?”

I’m asked this all the time, and I can only ever give a qualitative hand-wavy answer. But Jason Healey and Tarang Jain’s latest Lawfare piece has amassed data.

The essay provides the fi

We’re excited to bring you an AI Demo Talk on "Harnessing AI to Personalize and Automate Human Risk Management" with Uzair Ahmed Gilani (CTO, Right-Hand Cybersecurity). In this session, we’ll dive into how AI can transform the way organizations manag

LAS VEGAS — A decade ago, the rise of public cloud brought with it a familiar pattern: runaway innovation on one side, and on the other, a scramble to retrofit security practices not built for the new terrain.

Related: GenAI workflow risks

Shadow IT

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Cloud Threat Horizons Report, #12 (full version) that we just released (the official blog for #1 report, my unofficial