SC Media

SC Media arms information security professionals with the in-depth, unbiased business and technical information they need.

The official page for all things IT security.

10/21/2025

Google Cloud's Threat Intelligence Group reported that the Russia-sponsored threat group COLDRIVER is using two new backdoors spread using ClickFix and a loader called NOROBOT.

The YESROBOT and MAYBEROBOT backdoors are spread using ClickFix lures.

10/21/2025

The F5 breach is a wake-up call for every enterprise, says CYE's Shira Shamban in this commentary. Source code theft = future zero-days. Act now: patch fast, lock down management interfaces, enforce MFA, and hunt for compromise.

Details are scarce but CISA thought it was severe enough to issue an emergency directive.

10/21/2025

Texas-based regional airline carrier Envoy Air confirmed Oct. 17 it was compromised in the recent series of zero-day attacks on the Oracle E-Business Suite (EBS) tied to the Clop gang.

Envoy Air is the second organization confirmed to have been exposed to Clop attacks.

10/21/2025

The CIA Triad served its time, but it’s no longer enough, says Bright Security's Loris Gutic in this commentary. Modern threats demand layered defense built for resilience, authenticity and accountability.

The CIA Triad is obsolete — security needs the layered 3C Model: Core, Complementary, and Contextual.

10/20/2025

America’s infrastructure depends on sensors, but when foreign powers control the tech, they control the risk. In an ICIT - Institute for Critical Infrastructure Technology briefing, lawmakers and industry leaders urged stronger supply chain transparency and secure sourcing.

U.S. lawmakers and experts warn foreign-controlled LiDAR tech poses major infrastructure risks.

10/10/2025

Human error drives 85% of breaches, but most awareness training still misses the mark, says Abnormal AI's Mike Leach in this commentary. This , let’s move from checkboxes to real behavior change. Smarter threats need smarter training. Turn employees into defenders, not liabilities.

Here are three ways we can make security awareness training more proactive.

10/10/2025

The shutdown exposed a hard truth: CISA’s reactive model can’t keep pace with machine-speed threats, said Morphisec's Brad LaPorte in this commentary. It’s time to evolve from alerts to anticipation—preemptive defense, continuous exposure management, and resilience by design.

CISA must evolve from a bearer of bad news to a cornerstone of national cyber resilience.

10/09/2025

Continuous Authorization to Operate (cATO) changes the game — shifting security from an afterthought to a core design function, says the Export-Import Bank of the United States' Darren Death in this commentary. By embedding security as a functional requirement, organizations move from “compliant on paper” to “secure in reality.”

cATO closes the gap by requiring organizations to embed security requirements as core functional specifications from project initiation.

10/09/2025

LockBit has come back on the scene, this time forming a partnership with prominent ransomware-as-a-service (RaaS) groups DragonForce and Qilin to potentially target critical infrastructure worldwide.

LockBit ransomware gang joined forces with the Maze ransomware group in 2020.

10/09/2025

The debate over vulnerability disclosure is far from over, says Outpost24's Martin Jartelius in this commentary. In 2025, transparency must be balanced with security. Immediate release can force vendor action, but also arm attackers.

Nuanced, coordinated vulnerability disclosure balances ethics, safety, and trust in 2025.

10/09/2025

Salesforce reportedly emailed customers telling them that it would not pay a ransom and said it was based on "credible threat intelligence" that indicated the threat actors planned to leak the stolen data.

Salesforce says it has "credible threat intelligence" indicating threat actors plan to leak stolen data.

10/08/2025

A study by DropzoneAI and the CSA: Cloud Security Alliance on the use of artificial intelligence to assist security operations center (SOC) investigations found that doing so improved speed and accuracy compared with manual methods.

Most analysts said their view of AI improved after using it for investigations.

10/08/2025

Most orgs talk about Continuous Threat Exposure Management (CTEM), but few do it, says Nagomi Security's Emanuel Salmona in this commentary. To reduce real risk, CTEM must be operationalized — automated, unified, and business-aligned.

Turning CTEM from theory to execution: unify, automate, and prove real risk reduction.

10/08/2025

With the Cybersecurity Information Sharing Act expired, threat visibility drops just as adversaries look to exploit chaos, says the ICIT - Institute for Critical Infrastructure Technology's Brett Freedman in this commentary.

This year’s shutdown risk is especially troubling because Congress failed to reauthorize the Cybersecurity Information Sharing Act (CISA) of 2015.

10/08/2025

The case in which 570 gigabytes of compressed Red Hat data were exfiltrated from 28,000 GitHub repos expanded, as Crimson Collective and Scattered Lapsus$ Hunters reportedly leveraged the Shiny Hunters data leak site to apply more pressure on Red Hat.

Exfiltration case escalates as two threat groups now working with Shiny Hunters to extort Red Hat.

10/08/2025

A threat group Microsoft tracks as China-based Storm-1175 — best known for deploying the Medusa ransomware — was observed exploiting a 10.0 deserialization flaw in Fortra's secure transfer GoAnywhere’s MFT License Servlet.

Best known for Medusa ransomware, China-based Storm-1175 behind the GoAnywhere MFT attacks.

10/08/2025

In exploiting a cross-site scripting (XSS) flaw in the Zimbra Collaboration Suite, attackers leveraged a malicious .ICS file, a popular calendar format, according to a StrikeReady report.

The attack leveraged a malicious iCalendar invite over Zimbra email.

Address

400 Madison Avenue
New York, NY
10017

Opening Hours

Monday 9am - 5pm
Tuesday 9am - 5pm
Wednesday 9am - 5pm
Thursday 9am - 5pm
Friday 9am - 5pm
