General

How Non-Human Users Are Reshaping Business and Cybersecurity

The digital world is changing fast, and now AI agents are appearing as non-human users who act autonomously. They log in to systems, handle transactions, review data, and even negotiate or create things without people having to step in every time. This shift means greater overall demand for software and changes how work is done. However, this should prompt you to consider online trust and security.

Is Mythos a sheep in wolf’s clothing?

Anthropic’s announcement of Mythos threw a lot of FUD into the cybersecurity market without significant third-party validation of its abilities. Is that FUD justified, another legal form of extortion designed to get security budget dollars, or just another weird marketing ploy? Maybe more to the point, is it a sheep in wolf’s clothing?

Mythos does not address encryption, identity or social engineering, which represent most of the issues of cybersecurity. It just deals with vulnerabilities in code development. That might negatively impact the cloud-native application protection platform (CNAPP) sector but, at the same time, the tool is only being offered to Fortune 100 companies. Meanwhile, there are hundreds of thousands of large, medium and small enterprises that won’t get it, at least not anytime soon, unless they steal it.

From Patch Fatigue to Boardroom Risk: Cybersecurity’s Reckoning Has Begun

In today's organizational cybersecurity initiatives, incremental change is no longer enough. Bad actors are too organized and focused on using sophisticated AI-driven attacks that shred incremental security attempts. These AI hacking tools enable even novice hackers to carry out advanced attacks across the entire network.

In the Age of AI Coding, Software Architecture Matters More Than Ever

Artificial intelligence (AI) has had everyone agog with the possibility of replacing engineers and putting software creation in the hands of non-developers. Everyone is talking about “vibe coding,” where all you have to do is describe a working idea, and an application appears. AI is clearly changing our approach to software development, but it’s not as foolproof as you may think. Building scalable enterprise applications is still hard, especially when you need to make them secure.

World Backup Day: The New Reality of Data Resilience

Ransomware has evolved; attackers now hunt for backup systems before launching the main strike. They slip into an environment, corrupt the recovery chain, then trigger the payload when escape routes are already gone. AI is only accelerating this shift, giving attackers tools to scan networks and breach defences at scale. Backups alone no longer guarantee a way out, so organisations need to ensure recovery is fast, predictable, and resilient – even when data protection layers are compromised.

Detecting Dangling SaaS Subdomains and Real Subdomain Takeovers

Subdomain takeover is one of those vulnerabilities that refuses to die. Every few years it gets rediscovered, scanners add more signatures, and reports get louder, but in my opinion not better. After running real-world assessments for years, I kept hitting my head on the wall with tools that flag dozens of possible takeovers, and most of them collapse when you actually look at them.

DROP drops for consumer privacy

California this year launched an online site to put teeth into the 2023 California Delete Act. It could be the most powerful privacy tool consumers have ever had. It could also create havoc for the data broker and social media industries.

Launched on January 1, the California Delete Request and Opt-out Platform (DROP) is an online tool allowing residents to remove and opt out of data collection. On the site, consumers enter personal identifiers, including phone numbers and email addresses currently in use. After they submit the request, data brokers must process the deletion request within 45 days. The starting date, August 1, 2026, gives brokers the time to establish internal processes. People requesting the deletions can check their DROP status after that date to see if their data was deleted. They can add more information about themselves at any time. New data can take up to 90 days to process.

California’s Delete Act was a step forward, but lacked the mechanism to allow consumers to easily get their data removed. Instead of a single place, they contacted every company they knew carried their data and submitted a letter requesting deletion. But they had to know where that data was to issue a request, and they would never know if it had ever been deleted. The state also now offers a website allowing residents to know how many data brokers are collecting data.
