Articles by 'Eric Corcoran'

By Eric Corcoran, Posted in Technology Week in Review

Monday 9/29 The emerging use of malware invoking AI (Wiz) AI has been used by threat actors for all sorts of use cases for the past few years where victims have received the output of AI (such as LLM generated phishing emails), but in this latest evolution we’re seeing the payload contains prompts to LLMs and executes the output in the victim environment.  https://www.wiz.io/blog/the-emerging-use-of-malware-invoking-ai Persuasion engineering: how to influence humans, LLMs, and AI ag... read more.

• October 03, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 9/22 What is Shadow AI and what is the risk to your organization? (Delinea) Shadow IT issues are not new to organizations. Think unauthorized cloud purchases, unmanaged bring your own device (BYOD) programs, and rogue access points. Shadow AI is a natural consequence of governance lag. Users will always innovate with new technology faster than governance and security people can work to establish sane policies and effective guardrails. https://delinea.com/blog/what-is-shadow-ai-and-what-is-the-risk... read more.

• September 26, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 9/15 npm Supply Chain Attack via Open Source maintainer compromise (Snyk) The open source developer fell victim to a phishing email that allowed an attacker to gain access to their npm account. This enabled the attacker to inject malicious code into many highly popular npm packages, creating a supply chain attack. https://snyk.io/blog/npm-supply-chain-attack-via-open-source-maintainer-compromise/ The 2025 Cybersecurity Hall of Shame: 10 Mistakes People Still Make Many cybersecurity mistakes cont... read more.

• September 19, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 9/8 What Is a Hybrid Mesh Firewall and Why It Matters (Palo Alto Networks) A hardware-only approach leaves gaps at the edge, while cloud-only firewalls can’t provide consistent protection across on-premises infrastructure. The result is operational complexity with blind spots and an expanding attack surface. https://www.paloaltonetworks.com/blog/2025/08/hybrid-mesh-firewall-and-why-it-matters/ Cybersecurity Stop of the Month: BEC Attacks Targeting Government Agencies (Proofpoint) What make... read more.

• September 12, 2025

By Eric Corcoran, Posted in Technology Week in Review

Tuesday 9/4 What Is a Hybrid Mesh Firewall and Why It Matters (Palo Alto Networks) A hardware-only approach leaves gaps at the edge, while cloud-only firewalls can’t provide consistent protection across on-premises infrastructure. The result is operational complexity with blind spots and an expanding attack surface. https://www.paloaltonetworks.com/blog/2025/08/hybrid-mesh-firewall-and-why-it-matters/ Cybersecurity Stop of the Month: BEC Attacks Targeting Government Agencies (Proofpoint) What mak... read more.

• September 05, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/25 The Value of IR Planning and Incident Readiness (Arctic Wolf) Whether dealing with ransomware, business email compromise (BEC), or other cyber threats, IR planning is vital to a strong IR process, as it can shorten response and remediation time, help identify and prepare key stakeholders, streamline when and how to initiate complex processes like digital forensics, and support business continuity and executive management. https://arcticwolf.com/resources/blog/the-value-of-ir-planning-and-inci... read more.

• August 29, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/18 Speed kills: AI coding tools revive old-school hacks (ReversingLabs) The adoption of AI coding tools has exploded in recent years with their promise of speeding development and automating time-consuming manual tasks such as code audits. But the tools bypass a wide range of accepted security standards — and introduce serious risks for development teams, the researchers warned.  https://www.reversinglabs.com/blog/ai-coding-tools-old-school-hacks DataOps: Optimizing the Data Experien... read more.

• August 22, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/11 From Cloud to Hybrid: 360° Runtime Protection, Anywhere You Run (Wiz) Securing hybrid infrastructure requires more than just extending existing tools. It demands a new approach that connects workload insights with broader infrastructure context, all in real-time. https://www.wiz.io/blog/from-cloud-to-hybrid-360deg-runtime-protection-anywhere-you-run How to Prevent Helpdesk Social Engineering Attacks (HYPR) Helpdesks are critical support hubs, but their central role makes them prime targ... read more.

• August 15, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 8/4 How to mitigate AI-powered social engineering attacks (Delinea) AI can convincingly simulate identities across multiple channels and formats, making AI-powered social engineering attacks more convincing and likely to fool even the savviest, most security-conscious employees. Additionally, AI can execute attacks at scale, learn from its successes, and continually become smarter and stealthier. https://delinea.com/blog/how-to-mitigate-ai-powered-social-engineering-attacks Exploiting Direct Send... read more.

• August 08, 2025

By Eric Corcoran, Posted in Technology Week in Review

Monday 7/28 Redefining DNS Protection (Palo Alto Networks) Advanced DNS Resolver (ADNSR) is purpose-built for this modern reality, delivering intelligent threat prevention with effortless deployment. As a cloud-delivered DNS resolution service, complete with 99.999% availability, ADNSR makes it easy to protect your entire organization, regardless of where your users or infrastructure reside. https://www.paloaltonetworks.com/blog/2025/07/redefining-dns-protection/ How the Enterprise Browser Neutralizes t... read more.

• August 01, 2025