SC Media

SC Media SC Media arms information security professionals with the in-depth, unbiased business and technical information they need.

The official page for all things IT security.

A China-backed threat actor dubbed "WARP PANDA" targets VMware vCenter environments with the BRICKSTORM backdoor and oth...
12/05/2025

A China-backed threat actor dubbed "WARP PANDA" targets VMware vCenter environments with the BRICKSTORM backdoor and other custom Go-based malware, CrowdStrike detailed in a report.

The group targets VMware vCenter environments, gaining initial access through edge devices.

AI is reshaping supply-chain risk. “Dark Passengers” hide inside trusted apps, APIs & agents, turning tools into attac...
12/05/2025

AI is reshaping supply-chain risk. “Dark Passengers” hide inside trusted apps, APIs & agents, turning tools into attack vectors, says HITRUST's Tom Kellermann in this commentary. As island-hopping surges, securing models, data, and access controls is now mission-critical.

Society has opened Pandora's box with AI – here’s how teams can respond.

Quantum threats are rising. “Harvest now, decrypt later” makes post-quantum cryptography urgent, says DataKrypto's Carla...
12/04/2025

Quantum threats are rising. “Harvest now, decrypt later” makes post-quantum cryptography urgent, says DataKrypto's Carla Mascia in this commentary. NIST standards are set — migration must start now.

Quantum attacks will break today’s encryption. Organizations must migrate to post-quantum cryptography today.

The Cybersecurity and Infrastructure Security Agency released new guidance on securely integrating into OT systems — u...
12/04/2025

The Cybersecurity and Infrastructure Security Agency released new guidance on securely integrating into OT systems — urging risk-aware deployment, strong governance, data protection, and human oversight. AI can boost OT performance, but only with vigilance.

The document outlines four key principles to follow when considering AI use in OT.

The Indian government on Dec. 3 revoked an order that originally directed leading smartphone makers such as Apple and Sa...
12/04/2025

The Indian government on Dec. 3 revoked an order that originally directed leading smartphone makers such as Apple and Samsung to install the state-developed “Sanchar Saathi” app on all new phones.

Experts preferred EU approach of mandating security outcomes on vendors versus a government app.

The cyber talent pipeline is breaking at both ends — underfunded education and burnout are fueling a workforce crisis. T...
12/04/2025

The cyber talent pipeline is breaking at both ends — underfunded education and burnout are fueling a workforce crisis. The U.S. must reform training, boost retention, and strengthen public-private collaboration now.

The U.S. faces a cybersecurity workforce emergency fueled by systemic failures in education and job retention, demanding urgent reforms, stronger public-private collaboration, and sustained investment in the next generation of cyber defenders.

Over half of enterprise assets lack WAF protection, leaving critical apps exposed. Fragmented tools and silos create ser...
12/04/2025

Over half of enterprise assets lack WAF protection, leaving critical apps exposed. Fragmented tools and silos create serious security gaps, says CyCognito's Zohar Venturero in this commentary.

Intended for application security, significant portions of the enterprise are unprotected.

Anthropic’s Claude Agent Skills feature could be misused by threat actors to spread malicious Skills that execute malwar...
12/04/2025

Anthropic’s Claude Agent Skills feature could be misused by threat actors to spread malicious Skills that execute malware, Cato Networks reported.

An attacker could distribute a malicious Skill that quietly retrieves external scripts.

Non-human identities — API keys, OAuth tokens, agents — are now top targets, says Vorlon Security's Amir Khayat in thi...
12/03/2025

Non-human identities — API keys, OAuth tokens, agents — are now top targets, says Vorlon Security's Amir Khayat in this commentary. Recent breaches prove attackers bypass MFA and move silently. Securing NHIs is now essential.

Here’s how security teams can keep up with today’s machine-driven data.

Gartner’s first Magic Quadrant for Exposure Assessment Platforms marks the shift from vulnerability management to full e...
12/03/2025

Gartner’s first Magic Quadrant for Exposure Assessment Platforms marks the shift from vulnerability management to full exposure management. With broad attack-surface visibility and strong analytics, leaders like Tenable show why EM is now essential to reducing cyber risk.

Gartner's new report on exposure-management vendors gives Tenable the prime spot in the Magic Quadrant.

Federal cyber leadership is slipping, leaving defenders to manage rising threats alone. Resilience now means self-relian...
12/03/2025

Federal cyber leadership is slipping, leaving defenders to manage rising threats alone. Resilience now means self-reliance: organizations must strengthen their own security and partnerships to stay protected.

Security professionals, from the private sector to local government, are increasingly left to manage global threats, supply chain vulnerabilities, and operational chaos without a clear national strategy.

Threat group ShadyPanda leveraged the auto-update mechanisms in Google Chrome and Microsoft Edge browsers to exploit the...
12/03/2025

Threat group ShadyPanda leveraged the auto-update mechanisms in Google Chrome and Microsoft Edge browsers to exploit the same vulnerability for seven years, according to research by security firm Koi.

Threat actor infiltrated devices via browser extensions, quietly making money for years until they finally were outed.

Address

400 Madison Avenue
New York, NY
10017

Opening Hours

Monday 9am - 5pm
Tuesday 9am - 5pm
Wednesday 9am - 5pm
Thursday 9am - 5pm
Friday 9am - 5pm

Website

Alerts

Be the first to know and let us send you an email when SC Media posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Shortcuts

Share

Category