Steve Zurier's profile photo

Steve Zurier

Washington, D.C., United States

Contributor at SC Media

Writer, editor and music lover, especially jazz and improvised music. I work as a freelance writer out of Columbia, Md.

Featured in: Favicon scmagazine.com Favicon techtarget.com Favicon computerweekly.com Favicon csoonline.com Favicon networkworld.com Favicon darkreading.com Favicon idg.se Favicon 3blmedia.com Favicon newsbreak.com Favicon scmagazineuk.com

Articles

  • SAP NetWeaver bug exploited since January, allows RCE

    5 days ago | scworld.com | Steve Zurier

    The 10.0 SAP NetWeaver Visual Composer flaw that’s exploited hundreds of servers is worse than originally thought. Researchers found the bug was not merely a file upload issue, but a full remote code execution (RCE). Juan Pablo “JP” Perez-Etchegoyen, chief technology officer at Onapsis, said researchers also recently discovered that threat actors had been probing for vulnerable SAP system since at least Jan. 20 — almost two months earlier than prior reports.

  • Double-extortion tactics used in PowerSchool ransomware attack

    6 days ago | scworld.com | Steve Zurier

    Online education software provider PowerSchool on May 7 said the threat actors they paid a ransom to following a December 2024 cyberattack have reached out to multiple school district customers in apparent attempts to extort them in exchange for restoring stolen data. The original hack in late December reportedly exposed the sensitive personal data of more than 60 million K-12 students and more than 9 million teachers.

  • US warns oil and gas sectors of ‘unsophisticated' cyberattacks

    1 week ago | scworld.com | Steve Zurier

    The federal government on May 6 issued a joint advisory that said it is aware of so-called “unsophisticated” cyber actors targeting industrial systems within the oil and natural gas sectors, specifically in energy and transportation systems.

  • Critical 9.8 Langflow RCE bug added to CISA vulnerability list

    1 week ago | scworld.com | Steve Zurier

    The Cybersecurity and Infrastructure Security Agency (CISA) on May 5 added a critical 9.8 Langflow vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Security pros considered the flaw (CVE-2025-3248) significant because Langflow has grown popular among developers — nearly 60,000 users on GitHub — and is now considered one of the leading tools for building and maintaining agentic AI workflows.

  • Small businesses falling behind in AI-powered cyber defenses

    1 week ago | scworld.com | Steve Zurier

    A new study of small and medium-sized businesses (SMBs) by CrowdStrike found that only 11% of SMBs surveyed have adopted AI-powered defenses. According to the May 5 research, the smallest businesses are falling behind: Among SMBs with fewer than 50 employees, only 47% report having a security plan in place, and more than half allocate less than 1% of their annual budget to cybersecurity.

Contact details

Emails

[email protected]

Socials & Sites

Try JournoFinder For Free

Search and contact over 1M+ journalist profiles, browse 100M+ articles, and unlock powerful PR tools.

Start Your 7-Day Free Trial →

X (formerly Twitter)

Followers
869
Tweets
1K
DMs Open
No
szurier
szurier @szurier
13 Oct 23

Critical Insight's Mike Hamilton offers some advice for all security teams as they face cyberattacks resulting from the Israel-Hamas war: https://t.co/Cq96myztrv

szurier
szurier @szurier
5 Oct 23

Here's some good insight into the regulatory environment impacting cyber and how people can sort out what's important to their business. A CYE webinar I moderated: https://t.co/W9WQGB6Kvg

szurier
szurier @szurier
4 Aug 23

Another plug for SC's Women in Cyber, a column from the ISSA's Candy Alexander and Debra Christofferson on the Biden administration's cyber workforce plan: https://t.co/s7kjgqxTIu