With the advent of Zero Trust architecture, where the principle of “never trust, always verify” prevails, the importance of comprehensive access control has never been more pronounced. As cyber threats grow increasingly sophisticated, organizations are turning to advanced access control mechanisms to safeguard their sensitive data and assets. Unified Access Control (UAC) is at the forefront of this movement, enhancing enterprise security through three foundational pillars: Simplicity, Automation, and Insight. By embracing UAC, organizations can…

Software giant Oracle is expected to release patches for 320 new security vulnerabilities affecting over 90 products and services across 27 categories. These categories include Oracle’s Communications applications and executives, Construction and Engineering appliances, middleware and servers, and products and services part of the Oracle E-Business Suite. According to a pre-release announcement, the concerned vulnerabilities range from low  – with some being attributed CVSS scores between 4 and 6 – to critical severity. The most…

Within the renamed USDS, the order creates a temporary organization “dedicated to advancing the President’s 18-month DOGE agenda.” The US DOGE Service Temporary Organization will cease to exist on July 4, 2026. Across government, each agency head will be required to establish a “DOGE Team” consisting of four or more employees within 30 days. The teams will typically consist of a team lead, an engineer, a human resources specialist, and an attorney, and will be…

Security experts have warned that two ransomware groups are attempting to trick corporate victims into providing remote access to their machines, for data exfiltration and possible extortion. Sophos said it was tracking the threats as STAC5143 and STAC5777. The latter shares characteristics of Storm-1811 – a financially motivated cybercrime group known to deploy Black Basta ransomware. STAC5143 is a “previously unreported threat cluster” with possible links to prolific threat actors FIN7. Both campaigns observed by…

What is the Medusa ransomware? Medusa is a ransomware-as-a-service (RaaS) platform that first came to prominence in 2023. The ransomware impacts organisations running Windows, predominantly exploiting vulnerable and unpatched systems and hijacking accounts through initial access brokers. Initial access brokers? Initial access brokers (IABs) specialise in gaining unauthorised access to the networks of organisations, and then sell that access to other cybercriminals – such as ransomware gangs like Medusa. So the ransomware attackers may not…

The energy sector is the cornerstone of modern infrastructure, powering essential services and supporting the daily operations of economies worldwide. However, it also faces unique cybersecurity challenges, particularly in complying with the North American Electric Reliability Corporation’s Critical Infrastructure Protection (NERC CIP) standards. Cyber threats keep growing in sophistication and frequency and the sector’s critical assets—such as power grids, pipelines, and renewable energy networks—face unprecedented risk. The implications of a cyberattack on these systems extend…

NASA is about to introduce new requirements for its contractors. These requirements will dramatically improve the cybersecurity of spacecraft and the US’ resilience to cyber threats. But what do these requirements mean for spacecraft manufacturers? What challenges will they face? And what will they need to do to comply? Keep reading to find out.  Understanding the Cyber Space Threat While NASA has cybersecurity requirements for its spacecraft in operation, these requirements do not extend to…