SC Media

SC Media arms information security professionals with the in-depth, unbiased business and technical information they need.

The official page for all things IT security.

07/12/2025

In adding the so-called “Citrix Bleed 2” bug to its Known Exploited Vulnerabilities list July 10, the Cybersecurity and Infrastructure Security Agency gave federal agencies just 24 hours to patch the critical 9.3 flaw.

07/11/2025

A study of operational technology (OT) security by Fortinet found that 52% of organizations said the CISO or CSO is now directly responsible for OT security, a dramatic rise from just 16% in 2022.

Eight in 10 respondents plan to put OT security under CISOs in the next 12 months.

07/11/2025

The first and most critical defense for preventing sensitive information leaks via is not using such information in the first place, stresses the Open Worldwide Application Security Project's Top 10 LLM Applications 2025. That begins with careful data hygiene.

LLMs can’t forget what they’ve seen, but you can stop them from saying too much. Here’s how.

07/11/2025

Researchers initially accessed the test account from a login page that was linked on the McHire website for restaurant owners, and successfully logged in by guessing the username and password, which were both “123456.”

Paradox.ai, which built the McDonald’s “Olivia” chatbot, took responsibility for the issue.

07/11/2025

Sensitive information disclosure is one of the fastest emerging security threats in the age of , and is the second-ranked risk on the Open Worldwide Application Security Project's Top 10 for LLM Applications 2025.

From source code to secrets, AI can expose more than you expect, especially when business speed outpaces security readiness.

07/11/2025

Veterans approach problems differently than those who come up through traditional commercial careers, says Virtuo Group Corporation's Theresa Blackwell-Frank in this commentary.

How cybersecurity became a natural transition following military service for Theresa Blackwell-Frank.

07/10/2025

ServiceNow issued a CVE for a high-severity vulnerability — CVE-2025-3648 — that could lead to significant data exposure. It underscored that it issued patches in September 2024 and March 2025 to address the issue.

Varonis says attackers could easily expose ServiceNow data tables by combining enumeration techniques with common query filters.

07/10/2025

At the request of the United States Department of Justice, Italian police arrested a 33-year-old man believed to be a member of the China-based hacking operation Hafnium that stole research and intellectual property related to COVID-19.

Man believed to be a member of group that stole research and intellectual property from the U.S.

07/10/2025

JFrog researchers reported a critical RCE flaw in the open-source mcp-remote tool that could potentially lead to full system compromise when connecting an client to a malicious remote Model Context Protocol (MCP) server.

A malicious MCP server could have executed arbitrary commands on the victim’s machine.

07/10/2025

What if identity didn’t stop at the login screen? That’s the question driving the rise of continuous identity, a new model that treats identity not as a one-time check at the door, but as a living, context-aware stream of signals.

At Identiverse 2025, Disney’s Sean O’Dell and GM’s Andrew Cameron challenged the traditional login model, urging security teams to embrace identity as a dynamic, real-time conversation.

07/10/2025

Replacing a secure email gateway (SEG) doesn’t just reduce risk, says Abnormal AI's Mike Leach in this commentary. It enhances efficiency, improves visibility, and delivers measurable ROI.

Here are five features to look for in a modern AI-based email security tool.

Address

New York, NY

Opening Hours

Monday 9am - 5pm
Tuesday 9am - 5pm
Wednesday 9am - 5pm
Thursday 9am - 5pm
Friday 9am - 5pm
