This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On October 31, 2025

Monday 10/27

Proofpoint releases innovative detections for threat hunting: PDF Object Hashing (Proofpoint)

Due to the complex nature of the PDF format and the many ways threat actors use it to their advantage, detecting malicious PDF files can range from straightforward to nearly impossible. Proofpoint researchers have identified notable campaigns leveraging PDFs and have created a new tool called PDF Object Hashing designed to track and detect the unique characteristics of PDFs used by threat actors.

https://www.proofpoint.com/us/blog/threat-insight/proofpoint-releases-innovative-detections-threat-hunting-pdf-object-hashing

Why agent-based PEDM is the only path to Zero Standing Privilege (Delinea)

The promise of ZSP is compelling. However, most implementations of privileged access still leave cracks on the surface. At best, they reduce risk. At worst, they give organizations a false sense of security while attackers quietly exploit residual standing privileges.

https://delinea.com/blog/agent-based-pedm

Tuesday 10/28

Rethinking the last mile: Our vision for secure access in a browser-first world (Citrix)

It’s safe to say that the majority of modern work now happens in the browser. Users access SaaS apps, internal portals, generative AI tools, and sensitive client data all through a browser tab. And in a world where most organizations support (or tolerate) BYOD access in some form, the browser has become the last mile of enterprise security.

https://www.citrix.com/blogs/2025/10/21/rethinking-the-last-mile-our-vision-for-secure-access-in-a-browser-first-world/

The Role of Tabletop Exercises in IR Planning (Arctic Wolf)

A cornerstone of a mature IR strategy is the tabletop exercise. Often overlooked, tabletop exercises transform an IR plan from theory into practice, helping organizations strengthen resilience, validate decision-making, and advance overall security maturity.

https://arcticwolf.com/resources/blog/the-role-of-tabletop-exercises-in-ir-planning/

Wednesday 10/29

AI 2030: The Coming Era of Autonomous Cyber Crime (Check Point)

In September 2025, Check Point Research’s global threat intelligence found that 1 in every 54 generative AI (GenAI) prompts from enterprise networks posed a high risk of sensitive-data exposure, affecting 91 percent of organizations that use AI tools regularly.

https://blog.checkpoint.com/executive-insights/ai-2030-the-coming-era-of-autonomous-cyber-crime/

Redefining OT security with dedicated OT workflows & NEXT-gen visibility for industrial teams (Darktrace)

Security data is only valuable when it drives action. Darktrace / OT delivers risk insights that go beyond patching, helping teams take meaningful steps even when remediation isn't possible.

https://www.darktrace.com/blog/darktrace-announces-unified-ot-security-introducing-dedicated-workflows-for-ot-engineers-segmentation-aware-risk-modeling-and-next-generation-endpoint-visibility-for-industrial-teams

Thursday 10/30

Securing Critical Infrastructure in the Cloud Era: A Policy and Technology Blueprint (Wiz)

The shift brings innovation and efficiency, and as recent NSA guidance suggests, can also unlock security advantages. But it also introduces different risk dynamics. The importance of these systems becomes starkly clear when they fail.

https://www.wiz.io/blog/securing-critical-infrastructure-in-cloud-era

Why AI governance must start at the storage layer—before it's too late (NetApp)

Modern AI pipelines transform data at breakneck speed through discovery, preparation, curation, training, vectorization, and deployment. Each transformation multiplies your compliance risk. Sensitive personally identifiable information (PII) gets embedded in vector databases. Access controls are fragmented across hybrid clouds. Data lineage becomes impossible to trace. Audit trails evaporate.

https://www.netapp.com/blog/storage-layer-ai-data-governance/

Friday 10/31

3 Microsoft 365 Attacks That Expose Hidden Security Posture Gaps (Abnormal AI)

Attackers are increasingly breaching Microsoft 365 through configuration blind spots rather than malware-based intrusions. By exploiting posture weaknesses such as long-lived tokens, legacy authentication, and insecure session policies, they’re able to bypass multi-factor authentication (MFA), hijack accounts, and move laterally inside trusted environments.

https://abnormal.ai/blog/microsoft-365-security-posture-gaps

Think IGA is challenging? You’re not alone (CyberArk)

Understanding why identity governance and automation (IGA) is such a struggle is a good first step toward building a viable identity governance strategy that works in today’s identity and application ecosystem. Even with a dedicated IGA tool, many organizations fail to implement a fully automated IGA program.

https://www.cyberark.com/resources/blog/think-iga-is-challenging-youre-not-alone