In a rare and potentially industry-shaping move, CrowdStrike and Microsoft have announced a formal collaboration to deconflict cyber threat attribution. The two cybersecurity giants are aligning their threat intelligence efforts to reduce confusion and enhance consistency in naming and describing threat actors across the ecosystem. Their joint blog post frames this as a win for the broader community, aiming to eliminate the friction caused by different vendors assigning different names and motivations to the same malicious actors. Cyber threat attribution is notoriously murky. Different vendors have historically used unique naming conventions (e.g., CrowdStrike's "Fancy Bear" versus Microsoft's "STRONTIUM") for the same threat actors, leading to confusion among security teams, media, and even policymakers...Read more
Did you know that 98% of K-12 IT teams faced phishing attacks last year—even with security tools in place? So what's missing from the equation? Join our live webinar on June 10th as we unpack insights from a nationwide survey of K-12 security leaders and show how AI is transforming the fight against phishing. You'll learn practical strategies to better protect your organization. Register now!
A new wave of malicious packages found across npm, PyPI, and RubyGems has again exposed how vulnerable the open-source software supply chain remains to exploitation. According to new research from Socket, threat actors are actively publishing clones of legitimate software packages that, once installed, execute harmful payloads ranging from cryptocurrency theft to full codebase deletion. Researchers uncovered...Read more
In a matter of days, three major cybersecurity incidents have hit the retail and financial services sectors, drawing renewed attention to supply chain vulnerabilities, credential-based attacks, and the increasing value of non-financial customer data. These breaches—affecting Cartier, Main Street Bank, and The North Face—underscore the rising threat landscape facing luxury and everyday consumer brands. French... Read more
In its 2025 State of SIEM report, CardinalOps delivers a stark message to cybersecurity professionals: despite massive investments in Security Information and Event Management platforms, most organizations are blind to a majority of known MITRE ATT&CK techniques. And the situation isn't improving fast enough. With data pulled from real-world production SIEM environments, the report exposes persistent... Read more
In a significant cybersecurity incident, security researcher Jeremiah Fowler has uncovered an unprotected database containing more than 184 million login credentials. The 47.42 GB trove included plaintext usernames and passwords linked to major platforms such as Google, Apple, Microsoft, Facebook, Instagram, Snapchat, and Roblox. Alarmingly, the database also held sensitive data from banking institutions... Read more
The economics of cyberattacks heavily favor attackers. Malware kits and 0-day exploits now come with SLAs and support, mirroring legitimate software vendors. AI is accelerating this trend, making sophisticated attack techniques—once exclusive to nation-state actors—widely accessible. This session explores how AI-driven hunting techniques, machine... Register here
Quote of the Week
It is commendable that both industry stalwarts are coming together in a way that could benefit the cybersecurity community. If this goes well, it would be great to see others follow suit. The more standardized and common language we speak, the less the effort to understand for taking appropriate action.
We're proud to serve cybersecurity communities in 15 North American markets, hosting events that facilitate learning, collaboration, and lasting connections. Registration is open for our upcoming virtual conference for the Pacific, Mountain, and Central regions, as well as live events covering the topics of Critical Infrastructure and AI in Cybersecurity. See our Events schedule, mark your calendar, and register today!
Our Mission: Connecting, informing, and developing leaders in cybersecurity
SecureWorld
15495 SW Sequoia Parkway, Suite 140
Portland,
OR
97224
United States
You received this email because you are subscribed to News & Media Subscription from SecureWorld.
Update your email preferences to choose the types of emails you receive.
Webcast: Tipping the Scales Back in Our Favor
