@guardian360.bsky.social
Een ISO 27001-certificering is allesbehalve eenvoudig. Toch lokken securitystandaarden een schijnveiligheid uit. Meer standaarden en protocollen helpen, maar de realiteit blijft dat er niet zoiets bestaat als gegarandeerde veiligheid. www.techzine.nl/blogs/securi...
ISO 27001 wekt vertrouwen, maar is slechts het begin
Wat is een ISO 27001-certificering waard? En wat wordt er precies gemeten? Lees er hier over in deze Techzine-analyse.
www.techzine.nl
February 12, 2026 at 3:15 PM
Een ISO 27001-certificering is allesbehalve eenvoudig. Toch lokken securitystandaarden een schijnveiligheid uit. Meer standaarden en protocollen helpen, maar de realiteit blijft dat er niet zoiets bestaat als gegarandeerde veiligheid. www.techzine.nl/blogs/securi...
Odido is getroffen door een grote cyberaanval. Criminelen hadden daardoor toegang tot een bestand met klantgegevens van mogelijk 6,2 miljoen mensen, zegt een woordvoerder van Odido tegen de NOS.
February 12, 2026 at 12:47 PM
Odido is getroffen door een grote cyberaanval. Criminelen hadden daardoor toegang tot een bestand met klantgegevens van mogelijk 6,2 miljoen mensen, zegt een woordvoerder van Odido tegen de NOS.
Threat actors are pouncing on new vulnerabilities in SolarWinds Web Help Desk (WHD), further illustrating the risks of applications exposed to the public Internet.
SolarWinds WHD is an IT support and asset management platform used by enterprises and government agencies.
SolarWinds WHD is an IT support and asset management platform used by enterprises and government agencies.
February 12, 2026 at 8:00 AM
Threat actors are pouncing on new vulnerabilities in SolarWinds Web Help Desk (WHD), further illustrating the risks of applications exposed to the public Internet.
SolarWinds WHD is an IT support and asset management platform used by enterprises and government agencies.
SolarWinds WHD is an IT support and asset management platform used by enterprises and government agencies.
Microsoft on Tuesday released security updates to address a set of 59 flaws across its software, including six vulnerabilities that it said have been exploited in the wild.
Of the 59 flaws, five are rated Critical, 52 are rated Important, and two are rated Moderate in severity.
Of the 59 flaws, five are rated Critical, 52 are rated Important, and two are rated Moderate in severity.
February 11, 2026 at 2:00 PM
Microsoft on Tuesday released security updates to address a set of 59 flaws across its software, including six vulnerabilities that it said have been exploited in the wild.
Of the 59 flaws, five are rated Critical, 52 are rated Important, and two are rated Moderate in severity.
Of the 59 flaws, five are rated Critical, 52 are rated Important, and two are rated Moderate in severity.
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
February 11, 2026 at 12:30 PM
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
It’s fashionable right now to declare that “non-financial use cases of crypto are dead.” Some people also claim that read write own has failed. These conclusions misunderstand both the thesis and the stage we’re in.
We are clearly in the financial era of blockchains.
We are clearly in the financial era of blockchains.
February 10, 2026 at 8:30 AM
It’s fashionable right now to declare that “non-financial use cases of crypto are dead.” Some people also claim that read write own has failed. These conclusions misunderstand both the thesis and the stage we’re in.
We are clearly in the financial era of blockchains.
We are clearly in the financial era of blockchains.
While current artificial intelligence (AI) agents and large language models (LLMs) continue to have significant issues in finding vulnerabilities and conducting penetration tests, they are already augmenting many human pen testers and even supplanting them.
February 9, 2026 at 11:04 AM
While current artificial intelligence (AI) agents and large language models (LLMs) continue to have significant issues in finding vulnerabilities and conducting penetration tests, they are already augmenting many human pen testers and even supplanting them.
There are many things we repeat in security that are just not true. “Security is a department of “No” (if anything, security gets told ‘No’).
February 9, 2026 at 9:35 AM
There are many things we repeat in security that are just not true. “Security is a department of “No” (if anything, security gets told ‘No’).
Faced with a quickly growing number of vulnerabilities — more than 48,100 in 2025, up 21% from the previous year — IT and security teams are searching for ways to prioritize which issues need patching and which can be put off for another day.
February 6, 2026 at 4:00 PM
Faced with a quickly growing number of vulnerabilities — more than 48,100 in 2025, up 21% from the previous year — IT and security teams are searching for ways to prioritize which issues need patching and which can be put off for another day.
A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands.
February 6, 2026 at 1:25 PM
A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands.
Het Onze-Lieve-Vrouwinstituut Pulhof in Antwerpen is slachtoffer van ransomware, meldt onder meer Het Nieuwsblad. De hackers dreigen de persoonlijke gegevens van leerlingen en leerkrachten op het darkweb aan te bieden als zij maandag geen losgeld hebben ontvangen.
February 6, 2026 at 10:00 AM
Het Onze-Lieve-Vrouwinstituut Pulhof in Antwerpen is slachtoffer van ransomware, meldt onder meer Het Nieuwsblad. De hackers dreigen de persoonlijke gegevens van leerlingen en leerkrachten op het darkweb aan te bieden als zij maandag geen losgeld hebben ontvangen.
In a novel approach to spear phishing, threat actors are using Windows screensaver files (.scr) to get past defender lines and compromise organizations.
February 5, 2026 at 5:45 PM
In a novel approach to spear phishing, threat actors are using Windows screensaver files (.scr) to get past defender lines and compromise organizations.
The US Cybersecurity and Infrastructure Security Agency (CISA) has sought for years to give organizations a leg up in their efforts to effectively prioritize and mitigate vulnerabilities, but one researcher has identified a major shortcoming in the agency's approach.
February 5, 2026 at 4:00 PM
The US Cybersecurity and Infrastructure Security Agency (CISA) has sought for years to give organizations a leg up in their efforts to effectively prioritize and mitigate vulnerabilities, but one researcher has identified a major shortcoming in the agency's approach.
The operators of DragonForce, a ransomware-as-a-service outfit that first surfaced in 2023, appear to be drawing heavily from the organized crime playbook, creating a cartel and attempting to bring mafia-style territorial organization — and a bit of muscle — to the ransomware
February 5, 2026 at 3:15 PM
The operators of DragonForce, a ransomware-as-a-service outfit that first surfaced in 2023, appear to be drawing heavily from the organized crime playbook, creating a cartel and attempting to bring mafia-style territorial organization — and a bit of muscle — to the ransomware
Reece Rogers: I Infiltrated Moltbook, the AI-Only Social Network Where Humans Aren’t Allowed, I went undercover on Moltbook and loved role-playing as a conscious bot. But rather than a novel breakthrough, the AI-only site is a crude rehashing of sci-fi fantasies.
February 5, 2026 at 12:00 PM
Reece Rogers: I Infiltrated Moltbook, the AI-Only Social Network Where Humans Aren’t Allowed, I went undercover on Moltbook and loved role-playing as a conscious bot. But rather than a novel breakthrough, the AI-only site is a crude rehashing of sci-fi fantasies.
More supply chain havoc from the GlassWorm threat has made its way into the software development mix, poisoning software components that have thousands of downstream users.
February 5, 2026 at 8:00 AM
More supply chain havoc from the GlassWorm threat has made its way into the software development mix, poisoning software components that have thousands of downstream users.
A new phishing scheme aims to trick organizations into giving up their Dropbox logins using a multistage obfuscation strategy.
Data security vendor Forcepoint on Monday published research concerning an email-based social engineering campaign observed in the wild.
Data security vendor Forcepoint on Monday published research concerning an email-based social engineering campaign observed in the wild.
February 3, 2026 at 4:00 PM
A new phishing scheme aims to trick organizations into giving up their Dropbox logins using a multistage obfuscation strategy.
Data security vendor Forcepoint on Monday published research concerning an email-based social engineering campaign observed in the wild.
Data security vendor Forcepoint on Monday published research concerning an email-based social engineering campaign observed in the wild.
A single threat actor has leveraged stolen credentials and missing MFA protections to breach dozens of major global organizations.
February 3, 2026 at 1:00 PM
A single threat actor has leveraged stolen credentials and missing MFA protections to breach dozens of major global organizations.
Security researchers at Miggo, have disclosed a vulnerability in Google’s Gemini assistant that allowed a standard calendar invitation to be used as an attack vector, exposing private meeting data through a form of prompt injection that relied entirely on natural language.
February 3, 2026 at 8:30 AM
Security researchers at Miggo, have disclosed a vulnerability in Google’s Gemini assistant that allowed a standard calendar invitation to be used as an attack vector, exposing private meeting data through a form of prompt injection that relied entirely on natural language.
The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update mechanism to redirect update traffic to malicious servers instead.
February 2, 2026 at 6:30 PM
The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update mechanism to redirect update traffic to malicious servers instead.
An open source AI agent dubbed OpenClaw — formerly MoltBot, née ClawdBot — has become the fastest-growing project on GitHub. But with that popularity has come security concerns. www.darkreading.com/applicat...
OpenClaw AI Runs Wild in Business Environments
The popular open source AI assistant (aka ClawdBot, MoltBot) has taken off, raising security concerns over its privileged control within users' computers.
www.darkreading.com
February 2, 2026 at 5:00 PM
An open source AI agent dubbed OpenClaw — formerly MoltBot, née ClawdBot — has become the fastest-growing project on GitHub. But with that popularity has come security concerns. www.darkreading.com/applicat...
As 2026 begins, the cybersecurity industry faces a pivotal moment, grappling with persistent threats and emerging challenges.
February 2, 2026 at 11:04 AM
As 2026 begins, the cybersecurity industry faces a pivotal moment, grappling with persistent threats and emerging challenges.
An eye-catching giant heart dangles from the ceiling in the lobby of Finnish security company WithSecure. The heart is crafted from 728 computer mice, crowdsourced from around the world, and each one is painted pink.
February 2, 2026 at 9:35 AM
An eye-catching giant heart dangles from the ceiling in the lobby of Finnish security company WithSecure. The heart is crafted from 728 computer mice, crowdsourced from around the world, and each one is painted pink.
Google-owned Mandiant on Friday said it identified an "expansion in threat activity" that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters.
January 31, 2026 at 4:00 PM
Google-owned Mandiant on Friday said it identified an "expansion in threat activity" that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters.
A former Google engineer accused of stealing thousands of the company's confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday.
January 30, 2026 at 7:15 PM
A former Google engineer accused of stealing thousands of the company's confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday.