How we keep Opera users and products safe: Inside the role of Head of Security

Security How we keep Opera users and products safe: Inside the role of Head of Security Share May 8th, 2026 We usually think of security only when something goes wrong – whether it’s a suspicious login we noticed, a strange pop-up we got while browsing, or a headline we read about a data breach...

The Death of the Security Checkbox: BAS Is the Power Behind Real Defense

Security doesn't fail at the point of breach. It fails at the point of impact. That line set the tone for this year's Picus Breach and Simulation BAS Summit , where researchers, practitioners, and CISOs all echoed the same theme: cyber defense is no longer about prediction. It's about proof. When...

The king is dead, long live the king! Windows 10 EOL and Windows 11 forensic artifacts

Introduction Windows 11 was released a few years ago, yet it has seen relatively weak enterprise adoption. According to statistics from our Global Emergency Response Team GERT investigations, as recently as early 2025, we found that Windows 7, which reached end of support in 2020, was encountered...

Alex Ryan: From zero chill to quiet confidence

Welcome to another episode of Humans of Talos, our ongoing video interview series that celebrates the people powering Cisco's threat intelligence efforts. In each episode, we dive deep into the personal journeys, motivations and lessons learned from the team members who help keep the internet saf...

Large Language Models in Cybersecurity: Applications, Vulnerabilities, and Defense Techniques

Large Language Models LLMs are transforming cybersecurity by enabling intelligent, adaptive, and automated approaches to threat detection, vulnerability assessment, and incident response. With their advanced language understanding and contextual reasoning, LLMs surpass traditional methods in...

PT-2024-32086 · Helpdesk · Helpdesk

Name of the Vulnerable Software and Affected Versions: HelpDeskZ version 2.0.2 Description: A cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field of Custom Fields message box. This issue potential...

RCE to Sliver: IR Tales from the Field

Rapid7 Incident Response consultants Noah Hemker, Tyler Starks, and malware analyst Tom Elkins contributed analysis and insight to this blog. Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the sourc...

Cynet Protects Hospital From Lethal Infection

A hospital with 2,000 employees in the E.U. deployed Cynet protections across its environment. The hospital was in the process of upgrading several expensive imaging systems that were still supported by Windows XP and Windows 7 machines. Cynet protections were in place on most of the Windows XP a...

Taiwanese PC Company MSI Falls Victim to Ransomware Attack

Taiwanese PC company MSI short for Micro-Star International officially confirmed it was the victim of a cyber attack on its systems. The company said it "promptly" initiated incident response and recovery measures after detecting "network anomalies." It also said it alerted law enforcement agenci...

Download: Definitive 'IR Management and Reporting' Presentation Template

The realistic approach to security is that incidents occur. While ideally, the CISO would want to prevent all of them, in practice, some will succeed to a certain degree—making the ability to efficiently manage an incident response process a mandatory skill for any CISO. Moreover, apart from the...