RSACRSAC 2025: Vishing defenses that go beyond trainingLaura FrenchApril 30, 2025Voice firewalls, call authentication and real-time fraud detection offer robust vishing prevention.
AI/MLRSAC 2025: Being realistic about fixing code with LLMsLaura FrenchApril 29, 2025More than 2,500 test runs show the code analysis capabilities and limitations of popular models.
AI/MLRSAC 2025: Agentic AI highlights need for inclusive authentication methodsLaura FrenchApril 29, 2025Flexibility aids both AI agent and disability-accessible identity management.
AI/MLRSAC 2025: Using an ‘MRI’ for neural networks to understand LLM jailbreaksLaura FrenchApril 28, 2025CyberArk researchers studied how specific neurons and layers of LLM architecture respond to prompts.
Vulnerability ManagementMicrosoft Office 365 MFA targeted by ‘SessionShark’ phishing kitLaura FrenchApril 25, 2025The malicious service is advertised to evade detection and closely mimic a real login page.
AI/ML‘Vibe coding’ using LLMs susceptible to most common security flawsLaura FrenchApril 24, 2025OpenAI’s models were most likely to produce vulnerable code in tests by Backslash Security.
Cloud SecurityGoogle fixes Cloud Composer privilege escalation vulnerabilityLaura FrenchApril 22, 2025Tenable researchers say “ConfusedComposer” highlights how attackers can exploit cloud service permissions.
RansomwareFog ransomware notes troll with DOGE references, bait insider attacksLaura FrenchApril 21, 2025Recent Fog samples are spread through phishing emails referencing pay adjustments.
Data SecurityHHS fines Guam hospital over ransomware attack, HIPAA violationsLaura FrenchApril 18, 2025A ransomware attack and incident involving former employees led to potential HIPAA violations.
IdentityIdentity-based cyberattacks a third of intrusions, drop infostealersLaura FrenchApril 17, 2025IBM’s X-Force 2025 Threat Intelligence Index reveals an increase in misuse of valid credentials.
