Have I Been Pwned has added Allianz Life to its breach notification database, confirming that cybercriminals compromised personal data belonging to more than 1.1 million individuals. The breach stems from an attack on a cloud-based customer relationship management (CRM) system. Allianz Life disclosed the incident in a filing with the Maine attorney general’s office in late July. “The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals and select Allianz Life employees,” Brett Weinberg, a spokesperson for Allianz Life, said last month. According to the Have I Been Pwned notification, the…
Josh Breaker Rolfe
AI has fundamentally changed cybersecurity. Even the most primitive attackers are now capable of launching attacks at an unprecedented speed, frequency, and level of sophistication. As a result, defenders are under more pressure than ever. Often, when we talk about AI, we talk about its potential to put people out of work. This is perhaps an understandable concern: AI is getting increasingly good at carrying out many cybersecurity tasks, especially those typically performed by real staff. But that doesn’t mean that it will replace human analysts. Instead, we should think of AI as a copilot, a partner that accelerates triage,…
Security researchers at Microsoft have uncovered a critical macOS vulnerability, dubbed Sploitlight, that allows attackers to bypass Apple’s Transparency, Consent, and Control (TCC) framework and harvest highly sensitive user data – including insights derived from Apple Intelligence. The vulnerability, tracked as CVE-2025-31199, was patched from March 2-25 but serves as a stark reminder of how identity threats to modern operating systems are evolving. Spotlight Becomes an Attack Vector Sploitlight uses Spotlight, macOS’s native search functionality, to subvert TCC protections. While TCC is designed to prevent unauthorized applications from accessing private user data without explicit consent, attackers found a way…
Cybersecurity researcher Jeremiah Fowler discovered a massive data breach exposing over 1.1 million records tied to Gladney Center for Adoption, a well-known Texas-based adoption agency. According to the report, Fowler found the database unencrypted, unsecured by a password, and publicly accessible. He immediately reported the issue, and the agency restricted access to the database the following day. The exposed database, measuring 2.49GB, appeared to originate from a Customer Relationship Management (CRM) system. Fowler identified names, phone numbers, emails, and notes involving adoption cases. The data belonged to children, birth parents, adoptive parents, agency staff, and third-party service providers. Files Contained…
A newly discovered phishing campaign dubbed “FileFix” is raising serious alarms in the cybersecurity community, building on the notorious ClickFix exploit to dupe users into installing a rogue browser extension. Discovered by Check Point Research, the campaign shows a disturbing evolution of social engineering tactics already being used in live attacks across multiple countries. What is FileFix? FileFix is a weaponized browser extension, deceptively packaged as a utility to “fix” or open documents that supposedly can’t be viewed due to file corruption or version mismatches. Attackers initiate the scam by sending victims a fake email containing a link to an inaccessible file. Clicking…
Operational technology (OT) security has become a boardroom issue, according to recent Fortinet research. The report reveals that 52% of organizations now assign OT cybersecurity to the CISO or CSO, up from just 16% in 2022. That number is expected to climb to 80% within the next year. This growing executive accountability reflects heightened concerns about OT security. Industrial systems, often decades old, are increasingly connected to wider IT networks, exposing them to cybersecurity threats. The shift in ownership suggests organizations finally recognize the strategic and operational risks posed by vulnerable OT systems. Security Maturity Reduces Incidents and Impact The…
Enterprise platforms have a major API security gap, with 84% of organizations exposing sensitive data through APIs without adequate safeguards, new research from Raidiam has revealed. The study, which profiled 68 companies in sectors like fintech, SaaS, and payments, highlights a growing disconnect between the sensitivity of data flowing through APIs and the strength of API protections, particularly outside regulated environments like Open Banking. “API security should not be an afterthought,” said David Oppenheim, Head of Enterprise Strategy at Raidiam. “The gap between data sensitivity and control strength is no longer just a technical concern – it’s a board level…
Cloud computing has its perks: speed, scalability, and innovation, to name just a few. However, increasing reliance on cloud computing has changed the threat landscape and created substantial points of vulnerability. The toxic cloud trilogy of cloud workload risks – those that are publicly exposed, critically vulnerable, and highly privileged – represents the most dangerous combination. And these workloads aren’t just dangerous; they’re common. According to the Tenable Cloud Risk Report 2024, 38% of organizations have at least one cloud workload that fits this description. Let’s unpack why these toxic combinations are so prevalent, what they actually mean in practice, and…
Cyberattacks linked to Iranian threat groups are on the rise, according to a new threat intelligence report from security provider Blumira. The report highlights how escalating geopolitical tensions between the US and Iran are driving a surge in Iranian state-linked cyber activity, particularly targeting critical sectors like healthcare, energy, and government. Blumira, which monitors threats across over 18,000 customer environments, recorded 824 security incidents over the past 21 months that can be traced to Iranian networks and align with known tactics. These incidents included 283 brute-force attacks against RDP services, 27 SSH intrusions, and 414 web application scans – all…
Organizations embracing genAI are facing severe security challenges, with many of their LLM deployments riddled with serious vulnerabilities, most of which remain unresolved. According to Cobalt’s State of LLM Security Report 2025, 32% of vulnerabilities uncovered during LLM-focused penetration tests were rated as high or critical risk. Alarmingly, only 21% of those vulnerabilities had been remediated, marking the lowest fix rate of any category tested. The Concern-Action Disconnect While 72% of survey respondents named genAI-related attacks as their top IT risk, only 66% reported conducting regular security assessments of their AI deployments. The remaining third are flying blind – despite…
