SC Media

SC Media SC Media arms information security professionals with the in-depth, unbiased business and technical information they need.

The official page for all things IT security.

In announcing its acquisition of Keyless last month, Ping Identity emphasized Keyless’ ability to protect frontline work...
11/14/2025

In announcing its acquisition of Keyless last month, Ping Identity emphasized Keyless’ ability to protect frontline worker identities with privacy-preserving biometric authentication.

Shared terminals and lack of phone access pose challenges for both passwords and passwordless authentication.

The Cybersecurity and Infrastructure Security Agency issued additional guidance for two actively exploited bugs in Cisco...
11/14/2025

The Cybersecurity and Infrastructure Security Agency issued additional guidance for two actively exploited bugs in Cisco ASA firewalls after multiple organizations were observed to have yet to patch to the minimum software version.

Cisco ASA firewalls still under attack; CISA issues guidance for patch

The third phase of Operation Endgame coordinated by Europol took down more than 1,025 servers that officials said infect...
11/14/2025

The third phase of Operation Endgame coordinated by Europol took down more than 1,025 servers that officials said infected hundreds of thousands of victims worldwide with three leading malware strains.

Joint law enforcement team targeted three malware strains at the heart of ransomware worldwide.

Google took action against a group behind millions of scam text messages impersonating USPS, E-ZPass, banks and more by ...
11/14/2025

Google took action against a group behind millions of scam text messages impersonating USPS, E-ZPass, banks and more by filing a lawsuit against individuals behind the Lighthouse SMS phishing-as-a-service (PhaaS) kit.

Google filed a lawsuit against individuals behind the Lighthouse SMS phishing kit.

Ping Identity's acquisition of Keyless focused on delivering a biometric tool to frontline workers in industrial environ...
11/13/2025

Ping Identity's acquisition of Keyless focused on delivering a biometric tool to frontline workers in industrial environments, the kind of targeted apps that industry pros say identity companies will focus on in the months ahead.

Ping is addressing emerging threats with purchase of biometrics authentication company.

In a bid to reinforce the security lifecycle of hardware-based passkeys and reduce the risk of identity fraud, Yubico ha...
11/13/2025

In a bid to reinforce the security lifecycle of hardware-based passkeys and reduce the risk of identity fraud, Yubico has entered new collaborations with identity-verification firms HYPR and Nametag.

The move is designed to tie verified identities to hardware-based passkeys from the point of onboarding.

A malicious npm package was observed typosquatting a legitimate package with the intent of targeting GitHub-owned reposi...
11/13/2025

A malicious npm package was observed typosquatting a legitimate package with the intent of targeting GitHub-owned repositories, according to Veracode research.

Typosquatting attack underscores how fragile the software supply chain has become in the open-source era.

SAP disclosed a maximum severity flaw in SQL Anywhere Monitor (Non-GUI), which involved hard-coded credentials and could...
11/13/2025

SAP disclosed a maximum severity flaw in SQL Anywhere Monitor (Non-GUI), which involved hard-coded credentials and could have led to arbitrary code ex*****on.

SAP disclosed 18 new vulnerabilities, including two critical flaws and one high severity bug.

Security teams are breaking free from endless alerts and patches. agents now triage, classify, and resolve incidents i...
11/12/2025

Security teams are breaking free from endless alerts and patches. agents now triage, classify, and resolve incidents in real time — cutting toil and boosting resilience, says PagerDuty's Pritesh Parekh in this commentary. The future of security is hybrid: humans lead, AI handles the grind.

AI agents reduce security toil by automating routine tasks and improving efficiency safely.

Agentic is closing the gap between EDR and NDR. Darktrace’s new NEXT platform unifies network + endpoint telemetry, en...
11/12/2025

Agentic is closing the gap between EDR and NDR. Darktrace’s new NEXT platform unifies network + endpoint telemetry, enabling autonomous, cross-domain detection and faster incident response.

Cybersecurity point solutions tend to leave gaps between themselves, but agentic AI can now be used to fill in those blind spots and provide blanket coverage.

EchoLeak (CVE-2025-32711) proves agentic threats are no longer theoretical, says Radware's Pascal Geenens. Hidden prom...
11/12/2025

EchoLeak (CVE-2025-32711) proves agentic threats are no longer theoretical, says Radware's Pascal Geenens. Hidden prompt injections in routine tasks can exfiltrate enterprise data via Copilot or chat agents.

Agentic AI has expanded the attack surface – here’s how to fight back.

The Cybersecurity and Infrastructure Security Agency added a critical Samsung flaw (CVE-2025-21042) to its Known Exploit...
11/12/2025

The Cybersecurity and Infrastructure Security Agency added a critical Samsung flaw (CVE-2025-21042) to its Known Exploited Vulnerabilities list after Palo Alto Networks' Unit42 revealed zero-day attacks deploying LANDFALL via WhatsApp on Samsung devices.

Android spyware spread in zero-day attacks on high-end Samsung devices running WhatsApp.

Address

400 Madison Avenue
New York, NY
10017

Opening Hours

Monday 9am - 5pm
Tuesday 9am - 5pm
Wednesday 9am - 5pm
Thursday 9am - 5pm
Friday 9am - 5pm

Website

Alerts

Be the first to know and let us send you an email when SC Media posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Business

Send a message to SC Media:

Shortcuts

Share

Category