Technology

Cybersecurity in Healthcare: Protecting Patient Data in the Age of AI, IoMT, and Ransomware

Nov 28, 2025 By SecuritySenses In SecuritySenses

Over the past decade, the global healthcare sector has undergone a sweeping digital transformation. Electronic Health Records (EHRs) moved to the cloud, hospitals adopted remote telemetry systems, pharmacies automated workflows, and AI-powered diagnostics entered day-to-day clinical practice. The result is a faster, more connected, and more data-rich healthcare ecosystem. But this connectivity has a cost.

Read Post

SecuritySenses

Read more about Cybersecurity in Healthcare: Protecting Patient Data in the Age of AI, IoMT, and Ransomware

Quttera Launches "Evidence-as-Code" API to Automate Security Compliance for SOC 2 and PCI DSS v4.0

Nov 27, 2025 By Quttera

New API capabilities and AI-powered Threat Encyclopedia eliminate manual audit preparation, providing real-time compliance evidence and instant threat intelligence.

Read Post

Read more about Quttera Launches "Evidence-as-Code" API to Automate Security Compliance for SOC 2 and PCI DSS v4.0

Gradual by Design: What the Cloudflare Outage Reveals About Robust SASE Architecture and Operations

Nov 27, 2025 By Dr. Guy Waizel In Cato Networks

On November 18, 2025, a single configuration file change at Cloudflare disrupted access to large parts of the web. Around 11:20 UTC, Cloudflare’s network began returning a surge of HTTP 5xx errors. Users trying to reach services like X (formerly Twitter), ChatGPT/OpenAI, Ikea, Canva, and many others suddenly saw Cloudflare-branded error pages instead of the applications they expected. Cloudflare mitigated the issue, restored service, and published a detailed public report.

Read Post

Cato Networks

Read more about Gradual by Design: What the Cloudflare Outage Reveals About Robust SASE Architecture and Operations

Hackers Skipped the Payment Step: BLA 4 is Pure Logic Evasion #transitionvalidation #businesslogic

Nov 27, 2025 By Wallarm In Wallarm

Missing Transition Validation (BLA 4) is a subtle but devastating threat. It exploits the sequence of steps in your application's workflow. The flaw? Your application fails to check that Step 2 (Payment) occurred before allowing access to Step 3 (Confirmation). The attacker simply draws a line straight to the goal! This attack is: Difficult to Detect: It uses valid requests in an invalid sequence. Tightly Coupled: It's unique to your application's specific logic. You need deep, sequence-aware runtime protection.

View Video

Wallarm

Read more about Hackers Skipped the Payment Step: BLA 4 is Pure Logic Evasion #transitionvalidation #businesslogic

Identity is quietly becoming the bottleneck in Automotive

Nov 27, 2025 By Claire Tennant In Device Authority

Automotive programs are moving faster than many engineering teams planned for. Regulatory pressure — from UN R155/R156 (WP.29) and ISO/SAE 21434 to the forthcoming EU Cyber Resilience Act — is reshaping expectations for how identity, signing, and software integrity are managed across the entire ECU and OTA lifecycle. At the same time, SERMI is redefining workshop and diagnostic access, introducing strong authentication into processes that were previously loosely governed.

Read Post

Device Authority

Read more about Identity is quietly becoming the bottleneck in Automotive

Advanced Data Tokenization: Best Practices & Trends 2025

Nov 27, 2025 By Anwita In Protecto

Breaches got faster. Architectures got messier. And data stopped living in tidy tables. Modern stacks push personal and regulated data through microservices, data lakes, event streams, vector stores, and LLM prompts. Encryption still matters, but it protects containers, not behaviors. As soon as an app decrypts a record, risk comes roaring back.

Read Post

Protecto

Read more about Advanced Data Tokenization: Best Practices & Trends 2025

19 AI Risk Leaders Driving Enterprise Transformation

Nov 26, 2025 By Kovrr In Kovrr

‍ AI has moved from experimentation to everyday infrastructure, shaping decisions and workflows across nearly every industry. However, in the rush to harness its speed and efficiency, many enterprises adopted GenAI and other AI systems faster than they built the structures necessary to govern them. The result is an all-too-familiar pattern of powerful technology being deployed widely before its risks are fully understood, let alone managed. ‍

Read Post

Kovrr

Read more about 19 AI Risk Leaders Driving Enterprise Transformation

EP 20 - Why agentic AI is changing the security risk equation

Nov 26, 2025 By CyberArk In CyberArk

As enterprises embrace agentic AI, a new security risk equation emerges. In this episode of Security Matters, host David Puner sits down with Lavi Lazarovitz, VP of Cyber Research at CyberArk Labs, to unpack how AI agents and identity security are reshaping the threat landscape. Learn why privileged access is now the fault line of enterprise security, how attackers exploit overprivileged AI agents, and what security teams must rethink before scaling AI. Packed with real-world examples and actionable insights, this is a must-listen for anyone meeting the challenges of AI and cybersecurity.

View Video