AI uncovered seven FatFs flaws affecting embedded devices. The challenge now is patching millions of systems with no easy fix.
Featured
As the United States of America enters its second quarter millennia, the tradeoff of security and liberty is never more apropos than it is to the cybersecurity industry. (Includes infographic)
CYBR.SEC.CON didn't replace HOU.SEC.CON. It grew from it, expanding from a Houston conference into a national cybersecurity event. (Includes infographic)
Community Corner
See allFrom the CYBR.SEC.Community
Cybersecurity Lessons from the Semiquincentennial of Liberty
As the United States of America enters its second quarter millennia, the tradeoff of security and liberty is never more apropos than it is to the cybersecurity industry. (Includes infographic)
Size DOESN'T Matter When It Comes To DDoS Attacks
The biggest DDoS attacks grab headlines, but impact matters more than size. Learn what defenders should really measure.
Stewarding the Generative Set in the Age of AI
As AI spreads, communities need trusted stewards to provide context, judgment, and accountability where automation falls short.
When Agents Knock: PACT, AI Browsers, and the Next Web Perimeter
AI agents and AI browsers are changing security boundaries. Learn what PACT means for the next web perimeter.
More Noise, More Risk: Reframing Internal Comms Overload
If you work in SecOps more noise equals more risk. The more alerts you have, the harder it is to find the ones that need immediate action. Yet in my experience, this idea of more noise being detrimental to understanding, does not stretch beyond the SOC into business communications.
Latest Articles
See all
Mobile App AI Security
Survey: AI Adoption in Mobile Apps Is Surging, But Visibility and Security Lag Behind
New research from NowSecure finds AI is now embedded in 95% of enterprise mobile apps, but more than one-third of organizations lack visibility into how those systems operate, even as mobile security incidents and third-party software risks continue to rise.
Security Awareness TrainingMental Health
Why Security Awareness Training Failed and What's Next
Security awareness training isn't stopping breaches. Learn why human behavior matters and what security teams should do next. (Includes infographic)
Email Security
Why the Email Gateway Is No Longer Enough
Modern phishing attacks bypass traditional email gateways. Learn why identity, behavior, and post-delivery security matter. (Sponsored by Abnormal AI)
Email Security and AI
Email Security Has Become an AI Arms Race
Attackers and defenders are both using AI. Learn why email security now depends on speed, context, and adaptive detection. (Sponsored by Abnormal AI)
CVEVulnerability Management
The CVE Stampede Is a Distraction, Finding the Vulns that Matter is the Challenge
With 48,000+ CVEs published annually, the challenge isn't volume. It's finding the vulnerabilities attackers will actually exploit.
GRCpost-quantum cryptography deadlines
Trump's Quantum EO Sets Aggressive PQC Deadlines
A new White House executive order sets hard deadlines for federal agencies to migrate to post-quantum cryptography by 2030 and 2031 and extends those obligations to contractors through new procurement rules. (includes infographic)
Identity Security
FortiBleed Is Bigger Than A Fortinet Password Leak
Fresh analysis suggests FortiBleed is not merely a Fortinet credential exposure event but a large-scale identity compromise campaign that turns perimeter devices into launchpads for deeper attacks against Active Directory, LDAP, and internal enterprise infrastructure.
Podcasts & Video
See all
Podcast
The Human Factor with Dr. Calvin Nobles
Dr. Dustin Sachs sits down with Dr. Calvin Nobles to explore why security awareness alone is insufficient when it comes to changing human behavior.
Podcast
AI vs. AI: Scott Deluke on the Future of Cybersecurity
In this episode of CYBR.HAK.CAST, hosts Michael and Phil speak with Scott Deluke of Abnormal AI live from the inaugural CYBR.HAK.CON.!
Podcast
Why AI Usage Intelligence is the Missing Layer in Enterprise AI Security with Harmonic Security CEO Alastair Paterson
In this episode of CYBR.SEC.CAST, hosts Michael and Sam sit down with Alastair Patterson, CEO of Harmonic Security, to discuss the rapid evolution of AI in the enterprise.
Video
DON’T WAIT: Engineering Outcomes Between Red Lines and Rules of Engagement
Danielle (DJ) Jablanski argues that critical-infrastructure owners must stop waiting for perfect regulation or deterrence and instead start today to map interdependencies, engineer fault-tolerant redundancy, and reduce the severity of inevitable cyber-physical impacts.
Video
Safe Use of AI in OT Environments: Gaining the Benefits without the Risk
Christopher Walcutt argues that AI can be used safely in OT environments if organizations first establish strong cybersecurity maturity, segmentation, visibility, and strict containment controls.
Video
Cyber-Informed Engineering
Cyber-informed engineering keeps OT systems safe by adding simple physical controls that prevent catastrophic failures even if digital systems are breached.
Video
Keeping your Milk Cool and your Tech Safe
Security engineer and architect Brad Voris recounts designing zero-trust controls for legacy dairy-plant systems to protect millions of gallons of milk from tampering or contamination.