Browser Extensions Are the Quiet SSO Bypass

Most organizations have a process for evaluating software. Procurement reviews, security assessments, sometimes formal vendor questionnaires. Almost none of them have a process for evaluating what browser extensions their employees are running. That gap is exactly what this campaign exploits. Researchers at Socket documented 108 malicious Chrome extensions sharing a single command-and-control backend, collectively installed […]

What The FCC Router Ban Means For Security Leaders

Why This Matters
Most teams treat consumer routers as commodity hardware. The FCC’s latest move challenges that assumption — blocking new foreign-made consumer routers from U.S. markets on national security grounds. The rationale is credible. State actors like Volt Typhoon have used small office and home office routers as staging points for intrusion, surveillance, and […]

Iran-Linked Cyber Surges Reward Boring Preparedness

When The Noise Arrives Early
During recent U.S. and Israeli escalation involving Iran, security teams watching multiple environments saw something familiar: waves of spam and scanning activity showed up before the headlines fully landed. Whether you call it pre-positioning, opportunistic copycats, or state-adjacent actors moving on a predictable schedule, the operational point is the same. […]

Wearables Make Capture Passive

A phone is an obvious recording device. A wearable pin is engineered to be frictionless and socially normal. That shifts risk in ways many meeting norms and acceptable use policies were never built for. When collection becomes passive, users do not need to decide to “record.” In some homes, automation assistants from Amazon or Google […]

The AI Agent Hype Cycle: When Viral Platforms Are More Human Than They Appear

A supposed social network for autonomous AI agents goes viral. Screenshots of AI conversations spread across LinkedIn and Twitter. Headlines suggest emergent machine behavior. Security professionals panic. Executives ask their CISOs what it means for their organization. Then researchers look under the hood and find something far more mundane: humans with automation scripts. The Promise […]

Greyware, Supply Chain Integrity, and Why “New” Network Equipment Must Mean Factory-Sealed

When your brand-new Cisco switches arrive looking like they’ve been to a few parties without you, it’s not just an unboxing disappointment—it’s a supply chain red flag that could compromise your entire infrastructure. Let me tell you about a recent situation that perfectly illustrates why “trust but verify” isn’t paranoia in cybersecurity—it’s basic operational hygiene. […]

How AI Is Transforming Cybercrime and What It Means for Security Teams

Artificial intelligence is no longer a future concern for cybersecurity teams. It is a present-day force reshaping how cybercrime is planned, executed, and scaled. While AI has unlocked powerful new defensive capabilities, it has also lowered the barrier to entry for attackers, accelerated attack timelines, and made threats more adaptive than ever. For security teams, […]

Meet Pwnagotchi: The AI WiFi Pet for Ethical Security Testing

Meet Pwnagotchi: The AI Pet That Hunts WiFi Handshakes
In our original article, Meet Pwnagotchi: The AI Pet That Hunts WiFi Handshakes, we introduced Pwnagotchi as a playful but educational tool for understanding wireless security. You can read that original post here. This updated version expands on that foundation and reflects how the Pwnagotchi ecosystem […]

Cybersecurity Highlights of 2025 and IT Security Predictions for 2026

Cybersecurity in 2025 marked a turning point for organizations of all sizes. Threats became faster, more targeted, and more disruptive, while leadership teams placed greater emphasis on cybersecurity risk management and resilience. IT security was no longer viewed as a technical concern alone. It became a business priority tied directly to uptime, revenue, and trust. […]