The Execution Playbook For Indian Companies
Shashank Bajpai, CISO & CTSO at Yotta 2026 is the execution year for India’s Digital Personal Data Protection (DPDP) regime , the Rules were notified…
Month: December 2025
Windows Remote Access Connection Manager Vulnerability Enables Arbitrary Code Execution
A critical security issue involving the Windows Remote Access Connection Manager (RasMan) that allows local attackers to execute arbitrary code with System privileges. While investigating CVE-2025-59230,…
New VolkLocker Ransomware Variant Targets Both Linux and Windows Systems
CyberVolk, a pro-Russia hacktivist group first documented in late 2024, has resurfaced with a sophisticated ransomware-as-a-service (RaaS) offering called VolkLocker after months of dormancy caused…
Prometheus: Open-source metrics and monitoring systems and services
Prometheus is an open-source monitoring and alerting system built for environments where services change often and failures can spread fast. For security teams and DevOps…
CISA Adds Sierra Router Vulnerability to KEV Catalogue Following Active Exploitation
A critical vulnerability affecting Sierra Wireless routers has been added to its Known Exploited Vulnerabilities (KEV) catalog. This decision comes after evidence emerged that the…
EDR Process Sideloading to Conceal Malicious Activity
Initial access broker Storm-0249 has evolved from a mass phishing operation into a sophisticated threat actor weaponizing legitimate Endpoint Detection and Response (EDR) processes through…
How researchers are teaching AI agents to ask for permission the right way
People are starting to hand more decisions to AI agents, from booking trips to sorting digital files. The idea sounds simple. Tell the agent what…
VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption
Dec 15, 2025Ravie LakshmananRansomware / Cybercrime The pro-Russian hacktivist group known as CyberVolk (aka GLORIAMIST) has resurfaced with a new ransomware-as-a-service (RaaS) offering called VolkLocker…
Asahi Group Considers New Cybersecurity Unit After Attack
Asahi Group Holdings Ltd. is weighing the creation of a dedicated cybersecurity unit as it continues to deal with the prolonged impact of a ransomware…
Europe’s DMA raises new security worries for mobile ecosystems
Mobile security has long depended on tight control over how apps and services interact with a device. A new paper from the Center for Cybersecurity…
Manufacturing is becoming a test bed for ransomware shifts
Manufacturing leaders may feel that ransomware risk has settled, but new data shows the threat is shifting in ways that require attention, according to a…
CISA Releases Guidance for Managing UEFI Secure Boot on Enterprise Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the National Security Agency (NSA), has issued new guidance urging enterprises to verify and…