Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Cybersecurity Maturity Model Certification (CMMC) 2.0 is the U.S. Department of Defense (DoD)’s updated cybersecurity compliance framework and an evolution of CMMC 1.0.

UNC6032 creates fake AI-themed websites, APT41 uses Google Calendar for command and control, and Void Blizzard targets critical sectors.

CIS compliance is the voluntary practice of aligning IT systems with the Center for Internet Security’s benchmarks and controls to proactively mitigate cybersecurity risks, meet regulatory requirements, and enhance organizational security posture.

Hazy Hawk uses DNS records to target domains, a new malware campaign delivers fileless Remcos RAT, and threat actors combine AES encryption and malicious npm packages in a novel phishing attack.

Tanium Engage is included with Tanium Core Plus, while Tanium Performance is part of the Tanium Endpoint Management solution.

Expert-driven threat hunting designed to uncover hidden adversaries, strengthen defenses, and streamline security responses–enhancing your Tanium investment.

Marbled Dust exploits a zero-day vulnerability in Output Messenger, a sophisticated phishing campaign uses Horabot malware, and TA406 shifts its targeting behavior.

Vibe coding is an approach to AI coding where artificial intelligence generates executable code from natural language prompts, which is then reviewed and refined by human developers to ensure accuracy and security.

Luna Moth threatens U.S. legal and financial firms, Venom Spider targets hiring managers and recruiters, and StealC malware receives new upgrades.

Infostealers threaten corporate security, Google observes 75 zero-day exploits in 2024, and Gremlin Stealer appears in an underground forum.