< ciso
brief />
Tag Banner

All news with #news tag

324 articles

Microsoft at Black Hat USA 2026: Defending Trust

🔒 At Black Hat USA 2026, Microsoft Security highlights how threat actors exploit trusted systems—software, developer workflows, identities, and AI—to scale attacks. Sessions and briefings across August 4–6 focus on supply chain compromises, AI security, and practical defense strategies. Visit booth #2144 for demonstrations, expert-led services, and community events including a reception on August 5.
read more →

Windows Server 2022 to leave mainstream support in 2026

📰 Microsoft has announced that Windows Server 2022 will reach the end of mainstream support on October 13, 2026, and will transition to extended support with security updates through October 14, 2031. Customers are advised to plan upgrades to Windows Server 2025, the latest LTSC release available since November 2024. Microsoft also extended hotpatching for Datacenter: Azure Edition until October 2027 and highlighted lifecycle resources for planning migrations.
read more →

Bruce Schneier: Upcoming Speaking Engagements 2026

🗓️ This page lists Bruce Schneier's scheduled speaking engagements for mid to late 2026, including virtual and in-person appearances. Events include the Policy-Relevant Privacy Research Workshop (Calgary) on July 20, the Boston Leadership Exchange on July 22, and several conferences in Las Vegas, Anaheim, and Vancouver with dates in August through October. Specific talk times for several events are noted as TBD and the list is maintained on this page.
read more →

Lidl warns customers after third‑party data theft

🛡️ Lidl has alerted customers in Germany, Belgium and the Netherlands after personal data was stolen from a third‑party IT provider. The retailer said the online shop itself was not affected but a separately stored file containing names, phone numbers, emails, birth dates and customer numbers was accessed. Lidl stated passwords, payment details and delivery addresses are not impacted and urged vigilance against phishing. Forensics experts and authorities have been engaged and customers are advised to verify senders and avoid clicking unknown links.
read more →

Meta patents always-on AI to infer emotions from voice

📰 Meta filed a patent for an AI system that listens to users' voices throughout the day, timestamps emotional readings, and links them to context like location and device usage. The application, published July 2, 2026, describes devices from phones to smart glasses transcribing speech and tagging segments with emotional labels, and optionally combining biometrics and eye-tracking. A related set of claims describes a mood-aware fitness coach that adjusts guidance based on inferred emotional state. The filing is a claim on the idea rather than an announced product, and raises regulatory and privacy questions.
read more →

CISOs Warn Executives Lack Understanding of Cyber Risk

🔒 A MetaCompliance report (July 9) based on responses from over 200 European CISOs finds 78% believe C-level executives do not fully grasp cybersecurity risks tied to employee behaviour. The survey highlights fading leadership support for security awareness, with 79% saying backing wanes over time and 40% worried employees share sensitive data with generative AI tools. AI-driven social engineering is cited as a key factor eroding confidence in organisational cyber resilience.
read more →

AssuranceAmerica breach exposes millions of driver records

🔒 AssuranceAmerica disclosed a data breach impacting 6,998,886 individuals after detecting suspicious activity on March 17, 2026. The incident began with a targeted attack on an employee that allowed unauthorized access and copying of data files. Stolen records include names, contact details, policy and claims information, driver and vehicle data, and driver's license numbers. The insurer has disabled compromised credentials, isolated affected systems, notified law enforcement, and strengthened security controls.
read more →

Convicted Operators Run Controversial Cybersecurity Startup

🛡️ A cybersecurity startup called IRIS C2, linked to Calvexa Group LLC, is publicly recruiting researchers and offering large payouts for zero-day exploits. The venture is tied to convicted felons and far-right activists Jack Burkman and Jacob Wohl, who have a history of fake intelligence firms, robocall schemes, and legal penalties. IRIS C2 claims to sell offensive capabilities to governments and says it hires junior talent regardless of formal credentials.
read more →

FBI and Google Disrupt Major NetNut Proxy Network

🛡️ In a coordinated international action, the FBI and Google's Threat Intelligence Group disrupted NetNut, a large commercial residential proxy network built on the Popa botnet. The operation targeted infrastructure, seized domains and worked with partners like Lumen and the IRS to degrade the service. Google disabled accounts, updated Play Protect and removed compromised apps to reduce the pool of infected devices by millions. The takedown exposed ties between the botnet and reseller programs and prompted debate after some NetNut domains remained temporarily active.
read more →

Monthly security roundup — June 2026 highlights

🔍 ESET Chief Security Evangelist Tony Anscombe reviews key cybersecurity stories from June 2026, assessing implications for defenders. He covers new CISA vulnerability patching rules, attacks on Internet-exposed automatic tank gauge (ATG) systems, rising imposter-scam losses reported by the FTC, and proposed UK and Canada social media bans for under-16s. Tony outlines lessons for organizations beyond federal agencies and practical steps to reduce risk.
read more →

AI Transforms Capabilities of Video Surveillance

🛰️ The Financial Times reports on how AI is transforming video surveillance, drawing on examples from Israel, Iran and Russia. These AI tools let analysts ask natural-language questions of video streams rather than rely on limited preset searches. Analysts can now search for behaviors—such as two people exchanging a bag, repeated vehicle movements, or changes in appearance—creating new investigative possibilities. Officials call this shift a major advancement in surveillance capability.
read more →

AWS updates service availability and lifecycle changes

🔔 AWS is announcing availability changes affecting several services and features, with some moving to Maintenance and others entering Sunset or already at End of Support. Services moving to maintenance will not be accessible to new customers after specified dates, but existing customers can continue use. Several SageMaker features and select media and communication components are impacted. AWS provides migration guides and support resources to help affected customers.
read more →

Drone-assisted Disarmament Advances Policing Tech

🛡️ In Sacramento County, deputies used a drone equipped with a high-powered magnet to retrieve a knife from a suspect hiding inside a cluttered residence after negotiators failed to get a response. An officer wearing goggles operated the drone, located the suspect in a garage corner, and secured the weapon, which can be seen spinning as the drone returned it to deputies. The event was posted June 22 on the Sheriff's Office Instagram and accompanied online discussion.
read more →

Poland Busts SIM-Swapping Gang Linked to Crypto Theft

🔎 Polish authorities arrested four suspects accused of orchestrating SIM-swapping attacks after breaching telecommunications partners and hijacking email accounts. The operation, led by the Polish Cybercrime Bureau (CBZC) with assistance from the FBI and HSI, uncovered sophisticated intrusions used to intercept SMS and email communications and seize crypto exchange accounts. Investigators estimate the group laundered millions via distributed financial networks and multiple bank accounts. The suspects face charges including organized crime, hacking, and money laundering, with potential sentences up to 25 years.
read more →

PirloTV sports piracy network disrupted in domain seizure

🔎 PirloTV, a network of sites embedding unauthorized live sports streams, has had 44 domains seized in a coordinated action. The Alliance for Creativity and Entertainment (ACE), UEFA, UC3, and Mexican authorities targeted domains that generated over 950 million visits annually, with heavy traffic from Mexico and Colombia. The takedown occurred ahead of the UEFA Champions League final and may affect piracy during the ongoing FIFA World Cup. Despite the seizures, some domains remain indexed and the network can quickly migrate to new domains.
read more →

World Cup 2026 Scams: Watch for Fake Streams

⚠️ Scammers are exploiting World Cup hype with fake streaming sites, fraudulent betting platforms, and counterfeit merchandise stores that harvest payments and personal data. Many sites demand extensive personal information or up-front payments, sometimes even in cryptocurrency, and use professional-looking pages to trick victims. Fans and bettors risk losing money and having credentials reused across accounts stolen; strong security measures and unique passwords are advised.
read more →

Telegram admits limits detecting exam leak channels

📄 India's government told the Delhi High Court that it warned Telegram roughly two weeks before blocking the app amid allegations channels were selling leaked NEET-UG 2026 exam papers. The Ministry of Electronics and Information Technology and the National Testing Agency identified groups, channels and bots circulating stolen material and reported them to Telegram. The affidavit says Telegram acknowledged limited proactive detection and relied on reported content, while India's block—initially framed as a measured step—remains in effect pending the court's ruling.
read more →

New CISO and CSO Appointments Across Industries

🔐 This column tracks recent senior security hires as companies strengthen defenses and expand leadership. It lists new CISO and CSO appointments from January through June 2026, noting prior roles and backgrounds. Entries include hires at SolarWinds, micro1, Green Impact Exchange, and Cohesity, highlighting experience in government, cloud, and enterprise security. The piece also invites readers to submit announcements to the editor.
read more →

India’s Telegram Ban, BGP Fallout and Workarounds

📰 India blocked Telegram until June 22 after leaked exam materials circulated on the platform, prompting Telegram CEO Pavel Durov to allege BGP hijacking by Reliance that affected users as far as the UAE. The ban, and an additional restriction on message editing, prompted legal challenges and criticism from digital-rights groups calling the move disproportionate. Analysts confirmed a routing leak from AS18101 via FLAG Telecom but dispute claims of deliberate sabotage; MTProto proxies are recommended to restore access.
read more →

Bruce Schneier — Upcoming 2026 Speaking Schedule

📅 This page lists Bruce Schneier’s confirmed speaking engagements in June–October 2026, including keynotes, panels, and talks across Europe and North America. Events include Cybernation 2026 in Berlin, the Potsdam Conference at Hasso Plattner Institut, panels in Vienna, a talk at Czech Technical University in Prague, the Nuremberg Digital Festival, and CanSecWest in Vancouver. Times and formats vary; one panel is via Zoom.
read more →