Author: Robert Timlick

  • Shadow AI Discovery: A Critical Part of Enterprise AI Governance

    Shadow AI Discovery: A Critical Part of Enterprise AI Governance

    The Harsh Truths of AI Adoption
    MITs State of AI in Business report revealed that while 40% of organizations have purchased enterprise LLM subscriptions, over 90% of employees are actively using AI tools in their daily work. Similarly, research from Harmonic Security found that 45.4% of sensitive AI interactions are coming from personal email accounts, where employees are bypassing corporate
  • Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices

    Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices

    Cybersecurity researchers have flagged a Ukrainian IP network for engaging in massive brute-force and password spraying campaigns targeting SSL VPN and RDP devices between June and July 2025.
    The activity originated from a Ukraine-based autonomous system FDN3 (AS211736), per French cybersecurity company Intrinsec.
    “We believe with a high level of confidence that FDN3 is part of a wider abusive
  • Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

    Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

    The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with WatchDog Anti-malware as part of a Bring Your Own Vulnerable Driver (BYOVD) attack aimed at disarming security solutions installed on compromised hosts.
    The vulnerable driver in question is “amsdk.sys” (version 1.0.600), a 64-bit, validly signed Windows kernel device driver
  • Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

    Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

    Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to inject malicious code into desktop apps for cryptocurrency wallets like Atomic and Exodus on Windows systems.
    The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, and README descriptions, attracting a total of 347
  • Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans

    Android Droppers Now Deliver SMS Stealers and Spyware, Not Just Banking Trojans

    Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, to also distribute simpler malware such as SMS stealers and basic spyware.
    These campaigns are propagated via dropper apps masquerading as government or banking apps in India and other parts of Asia, ThreatFabric said in a report
  • ⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More

    ⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More

    Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door.
    The news this week shows how attackers are mixing methods—combining stolen access, unpatched software, and clever tricks to move from small entry points to large
  • When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider

    When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider

    As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of security incidents now originate from web applications accessed via Chrome, Edge, Firefox, and other browsers. One particularly fast-evolving adversary, Scattered Spider, has made it their mission to wreak havoc on enterprises by specifically targeting
  • ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

    ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

    Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT.
    The activity has been codenamed Operation HanKook Phantom by Seqrite Labs, stating the attacks appear to target individuals associated with the National Intelligence Research Association, including academic figures
  • Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

    Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

    Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate software for malicious purposes.
    “In this incident, the threat actor used the tool to download and execute Visual Studio Code with the likely intention of creating a
  • Securing Your Supply Chain: Practical Cybersecurity Steps for Small Businesses

    Securing Your Supply Chain: Practical Cybersecurity Steps for Small Businesses

    Picture this: your business’s front door is locked tight, alarm systems are humming, and firewalls are up, but someone sneaks in through the back door, via a trusted vendor. Sound like a nightmare? It’s happening more often than you think. Cybercriminals aren’t always hacking directly into your systems anymore. Instead, they exploit the vulnerabilities in the software, services, and suppliers you rely on every day. For small businesses, this can feel like an impossible puzzle. How do you secure every link in a complex chain when resources are tight?

    That’s where reliable IT solutions come in. They help you gain visibility and control over your entire supply chain, providing the tools to spot risks early and keep your business safe without breaking the bank.

    A report shows that 2023 supply chain cyberattacks in the U.S. affected 2,769 entities, a 58% increase from the previous year and the highest number reported since 2017.

    The good news is you don’t have to leave your business exposed. With the right mindset and practical steps, securing your supply chain can become manageable. This article walks you through easy-to-understand strategies that even the smallest business can implement to turn suppliers from a risk into a security asset.

    Why Your Supply Chain Might Be Your Weakest Link

    Here’s the harsh truth: many businesses put a lot of effort into protecting their internal networks but overlook the security risks lurking in their supply chain. Every vendor, software provider, or cloud service that has access to your data or systems is a potential entry point for attackers. And what’s scarier? Most businesses don’t even have a clear picture of who all their suppliers are or what risks they carry.

    A recent study showed that over 60% of organizations faced a breach through a third party, but only about a third trusted those vendors to tell them if something went wrong. That means many companies find out about breaches when it’s already too late, after the damage is done.

    Step 1: Get a Clear Picture: Map Your Vendors and Partners

    You might think you know your suppliers well, but chances are you’re missing a few. Start by creating a “living” inventory of every third party with access to your systems, whether it’s a cloud service, a software app, or a supplier that handles sensitive information.

    • List everyone: Track every vendor who touches your data or systems.
    • Go deeper: Look beyond your direct vendors to their suppliers, sometimes risks come from those hidden layers.
    • Keep it current: Don’t treat this as a one-time job. Vendor relationships change, and so do their risks. Review your inventory regularly.

    Step 2: Know Your Risk: Profile Your Vendors

    Not all vendors carry the same weight in terms of risk. For example, a software provider with access to your customer data deserves more scrutiny than your office supplies vendor.

    To prioritize, classify vendors by:

    • Access level: Who can reach your sensitive data or core infrastructure?
    • Security history: Has this vendor been breached before? Past problems often predict future ones.
    • Certifications: Look for security certifications like ISO 27001 or SOC 2, but remember, certification isn’t a guarantee, dig deeper if you can.

    Step 3: Don’t Set and Forget: Continuous Due Diligence

    Treating vendor security like a box to check once during onboarding is a recipe for disaster. Cyber threats are evolving, and a vendor who was safe last year might be compromised now.

    Here’s how to keep your guard up:

    • Go beyond self-reports: Don’t rely only on questionnaires from vendors, they often hide problems. Request independent security audits or penetration testing results.
    • Enforce security in contracts: Make sure contracts include clear security requirements, breach notification timelines, and consequences if those terms aren’t met.
    • Monitor continuously: Use tools or services that alert you to any suspicious activity, leaked credentials, or new vulnerabilities in your vendor’s systems.

    Step 4: Hold Vendors Accountable Without Blind Trust

    Trusting vendors to keep your business safe without verification is a gamble no one should take. Yet, many businesses do just that.

    To prevent surprises:

    • Make security mandatory: Require vendors to implement multi-factor authentication (MFA), data encryption, and timely breach notifications.
    • Limit access: Vendors should only have access to the systems and data necessary for their job, not everything.
    • Request proof: Ask for evidence of security compliance, such as audit reports, and don’t stop at certificates.

    Step 5: Embrace Zero-Trust Principles

    Zero-Trust means never assuming any user or device is safe, inside or outside your network. This is especially important for third parties.

    Key steps include:

    • Strict authentication: Enforce MFA for any vendor access and block outdated login methods.
    • Segment your network: Make sure vendor access is isolated, preventing them from moving freely across your entire system.
    • Verify constantly: Recheck vendor credentials and permissions regularly to ensure nothing slips through the cracks.

    Businesses adopting Zero-Trust models have seen a huge drop in the impact of vendor-related breaches, often cutting damage in half.

    Step 6: Detect and Respond Quickly

    Even the best defenses can’t guarantee no breach. Early detection and rapid response make all the difference.

    Practical actions include:

    • Monitoring vendor software: Watch for suspicious code changes or unusual activity in updates and integrations.
    • Sharing threat info: Collaborate with industry groups or security services to stay ahead of emerging risks.
    • Testing your defenses: Conduct simulated attacks to expose weak points before cybercriminals find them.

    Step 7: Consider Managed Security Services

    Keeping up with all of this can be overwhelming, especially for small businesses. That’s where managed IT and security services come in.

    They offer:

    • 24/7 monitoring: Experts watch your entire supply chain non-stop.
    • Proactive threat detection: Spotting risks before they escalate.
    • Faster incident response: When something does happen, they act quickly to limit damage.

    Outsourcing these tasks helps your business stay secure without stretching your internal resources thin.

    Ignoring supply chain security can be costly. The average breach involving a third party now tops $4 million, not to mention the damage to reputation and customer trust.

    On the flip side, investing in proactive supply chain security is an investment in your company’s future resilience. It protects your data, your customers, and your bottom line.

    Taking Action Now: Your Supply Chain Security Checklist

    • Map all vendors and their suppliers.
    • Classify vendors by risk and access level.
    • Require and verify vendor security certifications and audits.
    • Make security mandatory in contracts with clear breach notification policies.
    • Implement Zero-Trust access controls.
    • Monitor vendor activity continuously.
    • Consider managed security services for ongoing protection.

    Stay One Step Ahead

    Cyber attackers are not waiting for a perfect moment, they are scanning for vulnerabilities right now, especially those hidden in your vendor ecosystem. Small businesses that take a proactive, strategic approach to supply chain security will be the ones that avoid disaster.

    Your suppliers shouldn’t be the weakest link. By taking control and staying vigilant, you can turn your supply chain into a shield, not a doorway for attackers. The choice is yours: act today to protect your business or risk being the next headline.

    Contact us to learn how our IT solutions can help safeguard your supply chain.

    Featured Image Credit

    This Article has been Republished with Permission from The Technology Press.