SC Media

12/18/2025

With increased online activity and reduced staffing, the holiday season makes an attractive target for threat actors. That’s why robust logging and real-time monitoring are critical.

✅ Event logging is essential for maintaining visibility into network activity and detecting malicious behavior.
✅ Organizations should centralize logs, protect log integrity, and monitor for anomalies in real time.
✅ Logging should cover key areas like authentication events, privileged access, network traffic, and endpoint activity.

Visibility is your first line of defense. Stay vigilant, stay ready.

12/17/2025

The U.S. Securities and Exchange Commission dropped its SolarWinds case, but CISOs aren’t off the hook, says HackerOne's Ilona Cohen in this commentary. The message is clearer now: it’s not about judging programs — it’s about truthful cyber disclosures to investors.

SEC’s SolarWinds dismissal narrows its cyber authority but reinforces focus on accurate disclosures.

12/17/2025

JumpCloud patched a high-severity Windows flaw attackers could abuse for privilege escalation or BSOD attacks at scale, XM Cyber reported. Update now — CVE-2025-34352 shows why TEMP misuse is risky.

The JumpCloud uninstaller can be exploited to escalate privileges to system.

12/17/2025

AI hype is colliding with policy reality, says Black Kite's Tony Monell in this commentary. Trump’s AI executive order sparks backlash, fear of job loss & deepfakes, and a bigger question: can we govern fast enough to protect humanity?

Our political leaders have to set aside their petty squabbles and come to grips with the real risks AI presents.

12/17/2025

Rapid7 warns of SantaStealer, a new malware-as-a-service infostealer set for the holidays. Marketed as stealthy, it’s amateurish, modular, targets creds, crypto — and even a WinRAR flaw.

The forthcoming infostealer advertised on Telegram offers 14 custom modules.

12/16/2025

The Google Threat Intelligence Group tied five more China-linked threat groups to the ongoing exploitation of the vulnerability.

Five new China-linked groups join rapid React2Shell exploitation, raising urgency to patch now.

12/16/2025

WVU Cyber, TAC, and ICIT are uniting to strengthen America’s critical infrastructure — building resilience rooted in recovery, service, and a mission to prepare leaders for CY26 and beyond, says the ICIT - Institute for Critical Infrastructure Technology's Cory Simpson in this commentary.

At West Virginia University’s (WVU) inaugural Cyber Summit, a panel with WVU’s Chris Ramazan, TAC’s Chris Hollifield, Dragos’ Chuck Weisenborn, and ICIT's Cory Simpson underscored that cyber resilience must be designed into critical infrastructure, not treated as an afterthought.

12/16/2025

AI-powered phishing can clone perfect login pages and bypass weak MFA. Training won’t save us — phishing-resistant authentication like passkeys and WebAuthn is now the only reliable defense.

User awareness training can't combat today's clever phishing scams. The only effective protection is to use phishing-resistant authentication.

12/16/2025

As agents flood the enterprise, identity — not code — is the new control point. To stay secure, orgs need full agent inventories, clear ownership, least-privilege access, and real monitoring.

AI agents mix the unpredictability of humans with the speed of machines. Here's why identity systems need a new way to manage them.

12/15/2025

AI agents can be weaponized when untrusted input, sensitive data access, and exfiltration paths align. The “lethal trifecta” means attackers don’t need to hack systems — just steer the agent, says Oso's Gabe Jackson in this commentary.

Combine untrusted human input, access to sensitive data, and a path to exfiltrate information – and AI agents become dangerous.

12/15/2025

The Cybersecurity and Infrastructure Security Agency is ordering agencies to patch a GeoServer zero-day already being exploited at scale. With 14K-plus exposed instances and nation-state APTs targeting geospatial data, is now mandatory, experts say.

Experts point out that our adversaries now use GeoServer to collect intelligence data.

12/14/2025

OpenAI is elevating all future models to “High” capability, adding defense-in-depth safeguards, red teaming, and stricter monitoring to curb misuse while empowering defenders.

The ChatGPT maker says it’s using a combination of training, detection and red teaming to prevent misuse.