Controls

Critical analysis of sophisticated malvertising campaign using fake Homebrew sites to distribute AmosStealer malware, targeting Mac and Linux users through Google Ads with $1000/month criminal subscriptions

Technical analysis of the largest DDoS attack in history (5.6 Tbps) with strategic recommendations for enterprise security teams and ISPs

Critical analysis of 7-Zip's Mark of the Web bypass vulnerability (CVE-2025-0411), its implications for enterprise security, and recommended mitigation strategies

Microsoft has released a temporary fix for a critical Outlook crash issue affecting enterprise users when composing emails, with permanent patch scheduled for January 28th deployment.

AI SPERA partners with OnTheHub to deliver Criminal IP cybersecurity solutions to educational institutions worldwide, offering threat intelligence and asset monitoring at education-friendly prices.

Ivanti addresses four critical EPM vulnerabilities (CVSS 9.8) affecting authentication and information disclosure, along with additional Avalanche and ACE security patches

Silverfort researchers uncover critical vulnerability allowing NTLMv1 authentication bypass in Active Directory, undermining organizational security controls through misconfigured applications.

Privacy advocacy group noyb files multiple GDPR complaints against Chinese tech companies for illegal EU data transfers, citing significant risks of government surveillance and data protection violations.

Microsoft has expanded testing of its Windows 11 admin protection feature to enhance security against malware and unauthorized access.

Critical analysis of industrial control system security reveals dangerous gaps, with only 31% having dedicated SOC capabilities and 52% maintaining proper incident response plans.

Google Cloud researchers uncover multiple critical vulnerabilities in Rsync, including heap-buffer overflow (CVSS 9.8) enabling remote code execution. Version 3.4.0 patches available.

Satori introduces automated data security controls that protect sensitive information across production systems and AI environments through continuous discovery, classification, and access management

HackGATE introduces real-time visibility into penetration testing activities, reducing vendor dependence by 65% while enhancing compliance and control over security assessments.