CyberSecurity Updates

02 Aug

Why the tech industry needs to stand firm on preserving end-to-end encryption

Information

Restricting end-to-end encryption on a single-country basis would not only be absurdly difficult to enforce, but it would also fail to deter criminal activity Tony Anscombe 01 Aug 2025  •  , 5 min. read The UK Government wants access, when requested, to the end-to-end encrypted messages and data for everyone in the UK. The reasons are to specifically tackle serious crimes, such as terrorism and child sex abuse. The UK Government is not alone in…

Read More
02 Aug

Is your phone spying on you? | Unlocked 403 cybersecurity podcast (S2E5)

Information

Here’s what you need to know about the inner workings of modern spyware and how to stay away from apps that know too much 01 Aug 2025 The world of espionage has gone digital. Rather than involving trench coats and secret missions, it’s now about silent cyberthreats that can turn phones into secret surveillance devices. In other words, today’s battleground is in people’s pockets, as malicious tools pose as everyday apps and can, in extreme…

Read More
01 Aug

This month in security with Tony Anscombe – July 2025 edition

Information

Here’s a look at cybersecurity stories that moved the needle, raised the alarm, or offered vital lessons in July 2025 31 Jul 2025 With another month behind us, it’s time for ESET Chief Security Evangelist Tony Anscombe to look at cybersecurity stories that made an impact and offered vital lessons in July 2025. Here’s Tony’s rundown of some of what stood out most over the past 30 or so days. attacks targeting on-premises Microsoft SharePoint…

Read More
01 Aug

Let’s get Digital! Updated Digital Identity Guidelines are Here!

Insights

Credit: NIST Today is the day! Digital Identity Guidelines, Revision 4  is finally here…it’s been an exciting journey and NIST is honored to be a part of it.  What can we expect? Serving as a culmination of a nearly four-year collaborative process that included foundational research, two public drafts, and about 6,000 individual comments from the public, Revision 4 of Special Publication 800-63, Digital Identity Guidelines, intends to respond to the changing digital landscape that has…

Read More
31 Jul

Reflections from the First Cyber AI Profile Workshop

Insights

Thank you to everyone who participated in the Cyber AI Profile Workshop NIST hosted this past April! This work intends to support the cybersecurity and AI communities — and the input you provided during this workshop is critical. We are working to publish a Workshop Summary that captures themes and highlights from the event. In the interim, we would like to share a preview of what we heard. Background on the Cyber AI Profile Workshop  As…

Read More
31 Jul

CISA and USCG Issue Joint Advisory to Strengthen Cyber Hygiene in Critical Infrastructure

Attacks, Insights, Malware

CISA, in partnership with the U.S. Coast Guard (USCG), released a joint Cybersecurity Advisory aimed at helping critical infrastructure organizations improve their cyber hygiene. This follows a proactive threat hunt engagement conducted at a U.S. critical infrastructure facility. During this engagement, CISA and USCG did not find evidence of malicious cyber activity or actor presence on the organization’s network but did identify several cybersecurity risks. CISA and USCG are sharing their findings and associated mitigations…

Read More
31 Jul

Thorium Platform Public Availability

Attacks, Insights, Malware

Today, CISA, in partnership with Sandia National Laboratories, announced the public availability of Thorium, a scalable and distributed platform for automated file analysis and result aggregation. Thorium enhances cybersecurity teams’ capabilities by automating analysis workflows through seamless integration of commercial, open-source, and custom tools. It supports various mission functions, including software analysis, digital forensics, and incident response, allowing analysts to efficiently assess complex malware threats. Thorium enables teams that frequently analyze files to achieve scalable…

Read More
30 Jul

The hidden risks of browser extensions – and how to stay safe

Information

Digital Security Not all browser add-ons are handy helpers – some may contain far more than you have bargained for Phil Muncaster 29 Jul 2025  •  , 4 min. read What would we do without the web browser? For most of us, it’s our gateway to the digital world. But browsers are such a familiar tool today that we’re in danger of giving them a free ride. In fact, there are plenty of rogue extensions…

Read More
30 Jul

Scammers Unleash Flood of Slick Online Gaming Sites

Information, Insights

Fraudsters are flooding Discord and other social media platforms with ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. Here’s a closer look at the social engineering tactics and remarkable traits of this sprawling network of more than 1,200 scam sites. The scam begins with deceptive ads posted on social media that claim the wagering sites are working…

Read More
30 Jul

Eviction Strategies Tool Released

Attacks, Insights, Malware

Today, CISA released the Eviction Strategies Tool to provide cyber defenders with critical support and assistance during the containment and eviction phases of incident response. This tool includes: Cyber Eviction Strategies Playbook Next Generation (Playbook-NG): A web-based application for next-generation operations. COUN7ER: A database of atomic post-compromise countermeasures users can execute based on adversary tactics, techniques, and procedures. Together, Playbook-NG and COUN7ER create a systematic, tailored eviction plan that leverages distinct countermeasures to effectively contain…

Read More