Dragos just published a short analysis today of ZionSiphon, malware supposedly designed to sabotage Israeli dam desalination systems — and it’s great.
links
Almost every security advisory on Mythos right now ends in the same place: shields up, patch faster. One thing nobody’s saying — and somebody needs to — is that maybe you should be preparing to patch fewer vulnerabilities, not more.
A new ISS STOXX study in the Harvard Law School Forum on Corporate Governance tracked 176 reported cyber incidents across Russell 3000 companies from 2022–2024 and found that affected firms underperformed the market by nearly 5% over the following year. Worth reading. Also worth interrogating.