Aggregator

Say yes to AI, no to risks. AppOmni’s AISPM solution overview breaks it down with smart discovery workflows and real-time threat detection.

The post Securing AI in SaaS: No New Playbook Required appeared first on AppOmni.

The post Securing AI in SaaS: No New Playbook Required appeared first on Security Boulevard.

The bill mandates a national strategy and establishes pilot programs in the federal government on quantum-safe encryption.

The post Senate legislation would direct federal agencies to fortify against quantum computing cyber threats appeared first on CyberScoop.

You must login to view this content

Key Findings Several prominent RaaS groups, including RansomHub, Babuk-Bjorka, FunkSec, BianLIan, 8Base, Cactus, Hunters International, and Lockbit, stopped publishing new victims. Though the reasons for their disappearances vary, the net effect is a fragmented ransomware ecosystem no longer dominated by one or two major players. Q2 2025 saw a drop of 6% in the number […]

The post The State of Ransomware – Q2 2025 appeared first on Check Point Research.

CISA, in partnership with the U.S. Coast Guard (USCG), released a joint Cybersecurity Advisory aimed at helping critical infrastructure organizations improve their cyber hygiene. This follows a proactive threat hunt engagement conducted at a U.S. critical infrastructure facility.

During this engagement, CISA and USCG did not find evidence of malicious cyber activity or actor presence on the organization’s network but did identify several cybersecurity risks. CISA and USCG are sharing their findings and associated mitigations to assist other critical infrastructure organizations identify potential similar issues and take proactive measures to improve their cybersecurity posture. The mitigations include best practices such as not storing passwords or credentials in plaintext, avoiding sharing local administrator account credentials, and implementing comprehensive logging.

For more detailed mitigations addressing the identified cybersecurity risks, review joint Cybersecurity Advisory: CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization. 

Today, CISA, in partnership with Sandia National Laboratories, announced the public availability of Thorium, a scalable and distributed platform for automated file analysis and result aggregation. Thorium enhances cybersecurity teams' capabilities by automating analysis workflows through seamless integration of commercial, open-source, and custom tools. It supports various mission functions, including software analysis, digital forensics, and incident response, allowing analysts to efficiently assess complex malware threats.

Thorium enables teams that frequently analyze files to achieve scalable automation and results indexing within a unified platform. Analysts can integrate command-line tools as Docker images, filter results using tags and full-text search, and manage access with strict group-based permissions.  

Designed to scale with hardware using Kubernetes and ScyllaDB, Thorium can ingest over 10 million files per hour per permission group while maintaining rapid query performance. It also allows users to define event triggers and tool execution sequences, control the platform via RESTful API, and aggregate outputs for further analysis or integration with downstream processes.

CISA encourages cybersecurity teams to use Thorium and provide feedback to enhance its capabilities. For more information on Thorium and how it can improve your cybersecurity operations, see CISA’s Thorium resource webpage. 

CISA released two Industrial Control Systems (ICS) advisories on July 31, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-212-01 Güralp FMUS Series Seismic Monitoring Devices
• ICSA-25-212-02 Rockwell Automation Lifecycle Services with VMware

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

Over the past three months, our threat analysts have noticed a significant spike in attackers abusing Microsoft 365’s Direct Send feature—a tool intended for devices like printers or scanners to send internal emails without authentication. Unfortunately, threat actors have found a way to exploit this convenience, slipping past critical email security checks like SPF, DKIM, and DMARC.

The post Inside Job: Attackers Are Spoofing Emails with M365’s Direct Send appeared first on Security Boulevard.

Intel 471 has launched Verity471, a next-generation cyber threat intelligence (CTI) platform. It brings together all of Intel 471’s solutions into one place, making it easier for security teams to work together, improve workflows, and get more from their threat intelligence. The platform extends beyond the provisioning of CTI by furnishing actionable insights that can be operationalized CTI out of the box. With Verity471, security teams are not only informed of potential threats but are … More →

The post Intel 471 unveils Verity471, a unified platform for next-gen cyber threat intelligence appeared first on Help Net Security.