CyberSecure Specialist

03 Dec

CISA, Australia, and Partners Author Joint Guidance on Securely Integrating Artificial Intelligence in Operational Technology

Attacks, Insights, Malware

CISA and the Australian Signals Directorate’s Australian Cyber Security Centre, in collaboration with federal and international partners, have released new cybersecurity guidance: Principles for the Secure Integration of Artificial Intelligence in Operational Technology. This guidance aims to help critical infrastructure owners and operators integrate artificial intelligence (AI) into operational technology (OT) systems securely, balancing the benefits of AI—such as increased efficiency, enhanced decision-making, and cost savings—with the unique risks it poses to the safety, security, and reliability…

Read More
02 Dec

Oversharing is not caring: What’s at stake if your employees post too much online

Information

Social Media From LinkedIn to X, GitHub to Instagram, there are plenty of opportunities to share work-related information. But posting could also get your company into trouble. Phil Muncaster 01 Dec 2025  •  , 5 min. read Employee advocacy has been around as a concept for over a decade. But what started out as a well-intentioned way to enhance corporate profile, thought leadership and marketing, also has some unintended consequences. When professionals post about their…

Read More
02 Dec

A NICE Retrospective on Shaping Cybersecurity’s Future

Insights

Rodney Petersen has served as the Director of NICE at the National Institute for Standards and Technology (NIST) for the past eleven years where his focus has been on advancing cybersecurity education and workforce development. He will be retiring from federal government service at the end of the 2025 calendar year. Prior to his role at NIST, he has worked in various technology policy and leadership roles with EDUCAUSE and the University of Maryland. The…

Read More
30 Nov

This month in security with Tony Anscombe – November 2025 edition

Information

Data exposure by top AI companies, the Akira ransomware haul, Operation Endgame against major malware families, and more of this month’s cybersecurity news 28 Nov 2025 November 2025 is almost behind us, and it’s time for ESET Chief Security Evangelist Tony Anscombe to look at cybersecurity stories that raised the alarms, moved the needle or offered vital lessons over the past 30 or so days. Here’s some of what caught Tony’s eye this month: many…

Read More
29 Nov

What parents should know to protect their children from doxxing

Information

Kids Online Online disagreements among young people can easily spiral out of control. Parents need to understand what’s at stake. Phil Muncaster 27 Nov 2025  •  , 5 min. read The digital world offers countless opportunities for self-expression, learning and personal development, but it’s also a place where grudges are easily harbored, disagreements can often spiral, and intimidation, harassment and revenge are never far away. Often, doxxing is the primary way online retaliation manifests. It…

Read More
27 Nov

Influencers in the crosshairs: How cybercriminals are targeting content creators

Information

Social Media Social media influencers can provide reach and trust for scams and malware distribution. Robust account protection is key to stopping the fraudsters. Phil Muncaster 25 Nov 2025  •  , 4 min. read It’s not an easy time to be an influencer. Brands are spending less, ad revenue is declining and competition is fierce – including from AI-generated influencers and impersonators. According to one study, around half of the industry makes just $15,000 or…

Read More
26 Nov

Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’

Information, Insights

A prolific cybercriminal group that calls itself “Scattered LAPSUS$ Hunters” has dominated headlines this year by regularly stealing data from and publicly mass extorting dozens of major corporations. But the tables seem to have turned somewhat for “Rey,” the moniker chosen by the technical operator and public face of the hacker group: Earlier this week, Rey confirmed his real life identity and agreed to an interview after KrebsOnSecurity tracked him down and contacted his father.…

Read More
26 Nov

MDR is the answer – now, what’s the question?

Information

Business Security Why your business needs the best-of-breed combination of technology and human expertise Steven Connolly 24 Nov 2025  •  , 4 min. read When I was in my mid-teens, I decided to get a job in a small local garage to learn how to maintain cars in preparation for owning my own. Years later, I was fortunate enough to have a company car. One day, it indicated that the oil was low and needed…

Read More
24 Nov

Is Your Android TV Streaming Box Part of a Botnet?

Information, Insights

On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming services like Netflix, ESPN and Hulu, all for a one-time fee of around $400. But security experts warn these TV boxes require intrusive software that forces the user’s network to relay Internet traffic for others, traffic that is often tied to cybercrime activity…

Read More
24 Nov

​​Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications​

Attacks, Insights, Malware

CISA is aware of multiple cyber threat actors actively leveraging commercial spyware to target users of mobile messaging applications (apps).1 These cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim’s messaging app, facilitating the deployment of additional malicious payloads that can further compromise the victim’s mobile device.   These cyber actors use tactics such as: Phishing and malicious device-linking QR codes to compromise victim accounts…

Read More