Paddy Harrington

2025 marks the 28th year of Black Hat, and although it remains on the edgier side of corporate-focused cybersecurity conferences, it sometimes feels like the event is considering completely ditching its hoodie in favor of a collared shirt.

Windows 11’s new Quick Machine Recovery and kernel-space security changes mark a turning point in enterprise resilience. As Windows 10 nears retirement, these features offer IT leaders compelling reasons to upgrade beyond just compliance.

In today’s hyper-connected buildings, cybercriminals don’t need grappling hooks or disguises — just a vulnerable thermostat or door lock to breach your defenses and disrupt your operations.

When you can’t change the security of external technologies such as IoT, OT, or power infrastructure, you must adapt your internal cybersecurity policies and controls to mitigate the risks that they introduce.

Windows 11 introduces a new security feature that separates admin and user roles, bringing a sudolike experience to the desktop.

In the world of autonomous endpoints, we are dealing with five primary acronyms. To clarify the meaning of these acronyms, here is some guidance and perspective.

Collaboration emerged as a key theme for unlocking the power of emerging technology and tackling tough challenges for healthcare at the Healthcare Information and Management Systems Society (HIMSS) annual conference for 2025. Get more of our key takeaways here.

Securing IoT devices presents unique challenges due to their proprietary operating systems and firmware, which often preclude traditional endpoint protection methods. This blog explores the critical role of network segmentation and Zero Trust principles in mitigating risks, emphasizing the importance of robust edge, network, and gateway security measures to defend against sophisticated attacks such as the Androxgh0st botnet and Akira ransomware.

Cybersecurity vendor ThreatLocker recently hosted its fifth annual Zero Trust World (ZTW) conference in Orlando, welcoming attendees from 28 countries to learn about Zero Trust principles and ThreatLocker offerings. Over two days, the event celebrated Zero Trust as a cybersecurity model and the ThreatLocker approach for achieving Zero Trust. Industry leaders, managed service providers, security […]

Forrester's security and risk research team breaks down the key highlights and implications of former US President Joe Biden’s 2025 Executive Order (EO) 14144 on strengthening security, improving accountability for software and cloud service providers, and promoting innovation, including use of emerging technologies.

The US government is doing something positive around IoT security. With the launch of the US Cyber Trust Mark program, the Federal Communications Commission (FCC) authorized a program and developed rules that bring forward a voluntary labeling standard.

Skoda and Volkswagen are the latest vehicle manufacturers that have had vulnerabilities discovered in their cars that could allow malicious actors to execute code remotely. Find out more about privacy risks in cars and what can be done to minimize them.

Learn why the Android OS can be just as vulnerable to attacks as Windows and what steps you can take to minimize the risk.

The range of threats targeting mobile devices is extensive, and as AI is integrated into more applications and platforms, security pros will need to implement more controls to reduce risk.

When it comes to mobile device security, barely half of organizations are using unified endpoint management (UEM). That’s like locking the front door and leaving the side door wide open. Find out why security teams overlook mobile devices in this preview of our upcoming Security & Risk Summit.

A variant of the Mirai DDoS botnet that arrived in late 2016 and has remained active (because its creators released the malware for anyone to use) is using unpatched (and, in this case, unpatchable) AVTECH closed-circuit television cameras as part of its botnet to attack targets of opportunity, such as an early target of the […]

What happens when five security analysts gather at a security conference in Las Vegas? Stuff gets broke. Find out more in this review of the recent BlackHat USA event.

Learn how applying Zero Trust, identity and access management, and endpoint detection and response (EDR) can help protect VMware’s ESXi hypervisor from a newly exploited vulnerability.

Tech leaders considering migrating critical systems away from Windows to other operating systems in the wake of CrowdStrike might want to give that strategy some thought. Find out why.