Paul Shread

Baltimore

International Editor, The Cyber Express at The Cyber Express by Cyble

Featured in: Favicon

technologyadvice.com Favicon

channelinsider.com Favicon

time.com

bostonglobe.com Favicon

serverwatch.com Favicon

webopedia.com Favicon

internetnews.com Favicon

esecurityplanet.com Favicon

enterprisenetworkingplanet.com Favicon

thecyberexpress.com + 2 more

Articles

Victoria’s Secret Website Down After Security Incident

1 week ago | thecyberexpress.com | Paul Shread

The U.S. website of Victoria’s Secret is down after an unspecified security incident, the latest in a series of cyber incidents hitting retailers. A status message on the Victoria’s Secret website says the company “identified and are taking steps to address a security incident. We have taken down our website and some in store services as a precaution. Our team is working around the clock to fully restore operations.”Victoria’s Secret and PINK stores remain open, the status message reads.
Post-Quantum Cryptography Migration Should Start Now

1 week ago | thecyberexpress.com | Paul Shread

As estimates of the quantum computing power needed to crack current public key encryption algorithms continue to drop, a group of technology companies and organizations is urging users to begin migrating toward post-quantum cryptographic standards now. To help organizations with the transition to post-quantum cryptography, the Post-Quantum Cryptography Coalition (PQCC) released a migration roadmap today to guide companies through the phases of that journey.
New Russian Cyber Threat ‘Laundry Bear’ Hits Western Targets

1 week ago | thecyberexpress.com | Paul Shread

Dutch intelligence officials and Microsoft warned today of a new Russian threat actor targeting Western organizations in what appears to be a military and high-tech espionage campaign. The new threat group – called Laundry Bear by the Dutch and Void Blizzard by Microsoft – was the subject of separate advisories today.
FBI Warns About Silent Ransom Group Targeting Law Firms

1 week ago | thecyberexpress.com | Paul Shread

The FBI is warning that a threat group is using IT-themed social engineering calls and callback phishing emails to gain remote access to systems and steal sensitive data. The Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753, will then use the stolen data to extort the law firms, the advisory from the FBI’s Cyber Division said.
Versa Patches 3 Concerto SD-WAN Vulnerabilities, Including a Perfect 10.0

2 weeks ago | thecyberexpress.com | Paul Shread

Versa Networks has patched three vulnerabilities in its Concerto network security and SD-WAN orchestration platform, including one that scored a 10.0, the highest possible severity rating. The Versa Concerto vulnerabilities were revealed by Project Discovery in a blog post earlier this week, which said Versa hadn’t responded to the researchers’ disclosures that were first made in February. The researchers said they had “not received any response or indication of a forthcoming patch.
Commvault Nation-State Campaign Could Be Part of Broader SaaS Threat: CISA

2 weeks ago | thecyberexpress.com | Paul Shread

Nation-state threat actors targeting Commvault applications hosted in Microsoft Azure may be part of a broader campaign targeting Software-as-a-Service (SaaS) applications, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned in an advisory this week.
Active Directory DMSA Attack Detailed By Researchers

2 weeks ago | thecyberexpress.com | Paul Shread

The delegated Managed Service Account (dMSA) feature was introduced in Windows Server 2025 as a secure replacement for legacy service accounts and to prevent credential attacks like Kerberoasting, but an Akamai researcher discovered a privilege escalation vulnerability in dMSA that could allow an attacker to compromise any user in Active Directory (AD).
CISA, NIST Researchers Develop Metric to Determine Likelihood of Vulnerability Exploitation

2 weeks ago | thecyberexpress.com | Paul Shread

Researchers from the U.S. National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) have developed a new security metric to determine the likelihood that a vulnerability has been exploited.
NHS Charter Urges Vendors To Improve Cybersecurity

2 weeks ago | thecyberexpress.com | Paul Shread

The UK’s National Health Service (NHS) is asking its IT suppliers to commit to better cybersecurity by signing a public charter. In a May 15 open letter to suppliers, top UK and NHS cyber officials urged suppliers to sign the NHS charter and pledge to adopt cybersecurity best practices that could help address a wave of crippling ransomware attacks that have hit NHS hospitals and healthcare facilities. A self-assessment form will be launched in the fall allowing suppliers to sign the NHS charter.
More Than 100 Groups And Individuals Oppose GDPR Changes

2 weeks ago | thecyberexpress.com | Paul Shread

More than 100 groups and individuals banded together today to oppose any changes to the EU’s landmark General Data Protection Regulation (GDPR). Potential GDPR changes for simplifying the data privacy law’s recordkeeping requirements for small businesses could be unveiled as soon as this week.