soc

Navigating the Secure Networks Act: What Restricted Equipment Means for Your Organization Most organizations assume that if a technology is widely used, it is acceptable to deploy which is not exactly wrong until the opposite is said. But, List of Equipment and Services Covered By Section 2 of The Secure Networks Act just said the […]

CVE-2026-3055: NetScaler Memory Disclosure Puts SAML-Enabled Edge Devices at Risk Citrix has released fixes for two NetScaler vulnerabilities that security teams should review right away: CVE-2026-3055 and CVE-2026-4368. The first is a critical memory overread issue while the second is a race condition that can cause user session mix-ups. Both matter because NetScaler ADC and […]

U.S. State and Local Government Under Ransomware: 2025–2026 Trend Analysis U.S. state and local government organizations remain under growing pressure from ransomware, making the issue a major cybersecurity and public service concern in 2025 and 2026. From city administrations and county offices to school districts, courts, and public safety agencies, these institutions rely on connected […]

U.S. Institutions and the Dark Web: What’s Being Sold and Who’s Buying? The modern Dark Web has evolved from a fragmented collection of independent hackers into a highly sophisticated, industrialized economy. The Dark Web market features established business practices, including specialized labor (such as Initial Access Brokers or malware developers), escrow systems, vendor reputation scores, […]

Two cybersecurity leaders tested out AI in their respective SOCs for six months — and here’s what they learned.

AstraZeneca Data Breach: What You Need to Know A newly surfaced Dark Web post is drawing attention to an alleged AstraZeneca data breach linked to the LAPSUS$ threat group. Based on the materials reviewed, the claim goes beyond a routine leak post and suggests possible exposure of internal code repositories, access-related data, cloud and infrastructure […]

CVE-2025-32975: Quest KACE SMA SSO Authentication Bypass Enables Admin Takeover Quest KACE Systems Management Appliance (SMA) has a maximum-severity vulnerability, CVE-2025-32975, that allows an attacker to bypass authentication in the product’s SSO authentication handling. An unauthenticated attacker can potentially impersonate legitimate users and work toward full administrative takeover. Reporting in March 2026 tied suspicious, real-world […]

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2026-Adresse geschuetztSecure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant […]

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2022-20775 Cisco Catalyst SD-WAN Path Traversal Vulnerability CVE-2026-20127 Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability  These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the […]

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2021-Adresse geschuetztLab Server-Side Request Forgery (SSRF) Vulnerability CVE-2026-Adresse geschuetztRecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the […]