SC Media
20 articles
China-linked group uses InfiniteRed malware to target medical research institutions
The attackers, identified as UNC6508, likely exploited older, vulnerable versions of REDCap to gain initial access, although the exact method remains undeter...
Leading job sites sell user data, Incogni report reveals
A report by Incogni found that ZipRecruiter, LinkedIn, and Monster are among the top platforms for collecting and sharing personal information.
Mackay Sugar hit by cyberattack during crucial processing season
The cyberattack on Mackay Sugar occurred during its peak crushing season, forcing two of its three mills offline and disrupting operations.
FBI warns of couriers collecting crypto scam payments
As reported by Bleeping Computer, the U.S.
SearchLeak vulnerability allows data theft from Microsoft 365 Copilot Enterprise
The SearchLeak vulnerability, identified as CVE-2026-42824, is a three-stage attack chain developed by Varonis researchers.
1Password acquires Apono to bolster AI security
1Password, known for its password manager, will integrate Apono's just-in-time access management platform to secure cloud environments and manage AI agent ac...
Gigamon and Zscaler integrate network telemetry with zero-trust access
The integration connects Zscaler Private Access, which grants application access based on identity and policy without users landing on the corporate network,...
PAN-OS GlobalProtect bug actively exploited, added to CISA's KEV list
Unit 42 says exploited PAN-OS GlobalProtect flaw remains a VPN risk despite patches.
What Is Identity Governance and Administration?
Why CISA's 3-day patching mandate misses the point
Ai has broken our patching system – and here’s what needs to change.
New Argamal malware disguised as adult games targets users
The Argamal malware is distributed through adult game websites, file-sharing platforms, and torrent trackers.
Former IT employee sentenced to 21 months for school district cyberattack
Ezekiel Dean Potter, 34, who worked as a senior IT support specialist, retained access credentials after his employment ended in April 2023 and targeted the ...
Conan O'Brien stars in new cybersecurity training series
The 15-part video series, created in collaboration with Team Coco, addresses AI-driven threats such as phishing, impersonation, voice cloning, and deepfakes.
FBI builds replica town to train agents in cyberattack investigation
The FBI's Kinetic Cyber Range, a 22,000 square-foot replica town in Huntsville, Alabama, features houses, a hotel, a gas station, a courthouse, a hospital, a...
Why non-human identities (NHIs) require a change in mindset
Security teams have to get that NHIs are not just a static secret in a vault, they active participants in the business.
Securing the model: Protecting AI systems from compromise
Here's how exposure management offers a practical framework for securing AI.
Safe AI at scale, what happens after initial access, and the weekly enterprise news - Albert Estevez Polo, Shiva Pillay - ESW #463
CISA gives agencies 3 days to patch maximum severity Ivanti vulnerability
CISA’s newest binding operational directive imposes short deadlines for the most severe flaws.