Cybersecurity | Breaking Cybersecurity News | The Hacker News

Introduction What keeps CISOs and security leaders up at night these days? No, it's not the zero-day exploits or the nation-state actors; it's the 3 AM phone call when something goes terribly wrong, and suddenly your entire response depends on how well your people perform under pressure. Not your tools. Your people! Cybersecurity today demands being more proactive, and we are getting better at testing our existing security tools. Adversarial Exposure Validation (AEV) platforms are significantly improving how we validate whether our firewalls, EDRs, SIEMs, and SOARs actually work as advertised. But here's the uncomfortable truth: when a crisis hits, perfect tools in the hands of an unprepared team are about as useful as a Formula 1 race car with a driver who's never left the parking lot. The Exercise Paradox Traditional tabletop or crisis management exercises are run like fire drills - necessary, but hardly sufficient. The challenge has always been scale. Conductin...

In a matter of months, AI became a tool relied on for daily critical tasks. Now, we are seeing it used just as easily to attack systems, deceive users, or even manipulate data. While full capabilities are still being explored, the most significant threats posed by AI are yet unknown. Even without knowing exactly what's coming, organizations can take meaningful steps now and develop identity security strategies to defend against AI-driven threats to avoid being an easy target. Suggestion 1: Start with the basics In the face of unknown AI-driven threats, one of the best places to start is with an identity security strategy that addresses the fundamentals.  When it comes to identity and access management, solutions that offer 'Preemptive Defense' (a term coined by Gartner) allow detection and protection before a user even authenticates to your systems. Think IP reputation checks, web application firewalls, machine learning-based risk scoring, user policies and app policies. Risky...

CISOs know their field. They understand the threat landscape. They understand how to build a strong and cost-effective security stack. They understand how to staff out their organization. They understand the intricacies of compliance. They understand what it takes to reduce risk. Yet one question comes up again and again in our conversations with these security leaders: how do I make the impact of risk clear to business decision-makers? Boards want to hear how risk affects revenue, governance, and growth. They have a limited attention span for lists of vulnerabilities or technical details. When the story gets too technical, even urgent initiatives lose traction and fail to get funded. CISOs need to translate technical issues into terms the board understands. Doing so builds trust, garners support and shows how security decisions connect directly to long-term growth. It was the urgent need to bridge the CISO-Board communication gap that led us to create a new paradigm in CISO continu...

For decades, organizations operated under the assumption that vulnerability management could be slotted into predictable maintenance windows. Monthly patch cycles, quarterly review periods, and planned outages became the standard rhythm of IT operations. Yet, in today's environment, where exploit code emerges within hours of a disclosure and attackers weaponize vulnerabilities on an industrial scale, those rhythms are dangerously outdated. The modern reality is that continuous patch management and end-to-end vulnerability lifecycle governance are no longer aspirational, they are the bare minimum. Security must be measured not by the comfort of predictability, but by the ability to remediate as close to real time as possible. The Problem with Periodic Maintenance Windows Exploitation Outpaces Response: exploits are increasingly released at or before vendor patch availability. A monthly or even bi-weekly patch cadence leaves systems exposed during the critical first days when atta...

Cybersecurity is undergoing a necessary transformation from reacting to threats as they arise to proactively anticipating and addressing them through Threat-Informed Defense (TID) . This shift emphasizes operational discipline over accumulating more tools. It involves using threat intelligence to streamline existing technologies, enhance the quality of security signals, and focus efforts on the threats most relevant to each organization. The goal is to continuously identify and close security gaps by combining insights from external threat data with internal defense capabilities. How do you put TID into practice? The team at  Filigran has broken down the TID framework into a six-stage pipeline to develop actionable chunks for cybersecurity leaders. In this article, we share the details so that your security teams can leverage it too to support TID. What is Threat-Informed Defense? First advocated by  MITRE , Threat-Informed Defense (TID) leverages MITRE ATT&CK framewo...

Enterprises are spending more than ever on DDoS defense, but despite the increased investment, organizations are still suffering damaging downtime. MazeBolt's new DDoS Defense survey , produced in collaboration with Global Surveyz, quizzed 300 CISOs and security directors across the US and Europe, and uncovered some surprising perspectives. The following is a sneak preview from the report. Inside the Survey MazeBolt surveyed senior security leaders at banking, financial services, and insurance companies with between 500 and 25,000 employees and annual revenues of at least $250 million. These are organizations where business continuity is critical and where a single outage can cause severe financial and reputational damage. Attacks Keep Coming – and They're Costly Respondents reported an average of 3.85 damaging DDoS incidents in the past year. 60% said they suffered between 2 and 5 such attacks. Larger companies faced the most serious consequences, with enterprises of more than 1...

For most of its history, the Security Operations Center (SOC) has been a privilege of the few. Building one meant millions in technology spend and round-the-clock analyst coverage. Unsurprisingly, for years, SOCs were a privilege of the few -  large enterprises and organizations with high-risk profiles, where budgets and scale justified the investment. Everyone else was left with partial coverage or had to outsource. That reality is changing. AI has flipped the SOC equation. What was once out of reach for all but the largest enterprises is now accessible and affordable for nearly every company that needs one. The risk every company faces By now, almost any 9-year-old knows that cyberattacks threaten every company . It's no longer just banks and financial giants in the crosshairs. Over the past decade, cyberattacks have expanded into every sector, from e-commerce sites to research institutes to local hospitals. Recent data from the 'VikingCloud 2025 SMB Threat Landscape' repo...

Artificial Intelligence (AI) has served as a great resource for cyber defenders by enabling real-time detection and response through advanced pattern recognition and predictive analysis that traditional methods weren't able to achieve. However, AI has recently become a dangerous and widely available enabler for attackers to leverage. CISOs now face adversaries who easily scale large-scale cyberattacks like spear-phishing and polymorphic malware at machine speed.  This article examines the rising AI-driven cyberthreat landscape and presents the browser, the enterprises' new endpoint, as the most strategic control plane for defense. By adopting a Secure Enterprise Browser (SEB) into the security stack, enterprises can reduce their attack surface, contain incidents at scale, and future-proof themselves against these advanced attacks.  Why Traditional Defenses Struggle Against AI  Most organizations have robust defense in place against cyberattacks, such as firewalls, EDR...