Tag

#NIS2

13 stories taggedNIS2.

Policy & Regulation

Microsoft Tightens Teams Meeting Controls for External AI Bots

A new admin policy requires organizer approval before automated external participants can join Teams meetings — a quiet but consequential shift in how enterprises govern AI access to sensitive calls.

2 min
Policy & Regulation

Behavioral AI Pitched as Answer to Identity-Abuse Phishing, But Regulators Still Set the Bar

A vendor webinar makes the case for behavioral detection against BEC and account takeover. The compliance questions sit underneath.

2 min
Vulnerabilities

Adobe Ships Emergency Fixes for Seven CVSS 10.0 Bugs in ColdFusion, Campaign Classic

Out-of-band advisories cover arbitrary code execution and privilege escalation paths. Administrators face a short remediation window before public exploit code is likely.

2 min
Vulnerabilities

Active Exploitation Reported Against Progress Kemp LoadMaster Pre-Auth RCE (CVE-2026-8037)

Threat responders flag in-the-wild attempts against a 9.6-rated OS command injection flaw in the load balancer, days after Progress issued a fixed build.

2 min
Policy & Regulation

Tailscale and OpenSSH Became a Junior Operator's Back Door After His Havoc C2 Went Dark

An intrusion at a small French auto-sector firm shows how commodity remote-access tooling defeats the assumption that killing the C2 ends the incident.

3 min
Identity & Access

Sovereign Cloud Gives You a Data Center. Identity Governance Gives You Control.

European enterprises spent two years and real money on sovereign cloud deployments. What they found is that data residency is the easy part — and that AI agent identities are the part nobody governed.

3 min
Policy & Regulation

MDR's AI Reckoning: When the Old Service Model Stops Keeping Up

Managed detection and response solved a staffing problem. It is not, by itself, an answer to adversaries who automate reconnaissance and intrusion at machine speed.

3 min
Policy & Regulation

Harvest Now, Decrypt Later: Most Organizations Still Aren't Ready for the Quantum Cryptography Shift

NIST published its first three post-quantum standards in 2024. A year later, only 5% of security teams have a defined strategy. The clock is running whether they know it or not.

3 min
Policy & Regulation

AI-Generated Phishing Is Drowning SOC Queues. The Policy Response Is Lagging.

Tier 1 analysts face a volume problem that existing disclosure and reporting regimes were not built to absorb.

2 min
Policy & Regulation

HD Moore's Pitch to Defenders: Stop Racing Patches, Reshape the Network

The Metasploit creator argues blast-radius control, not patch velocity, is what regulators and boards should be measuring.

3 min
Policy & Regulation

Weekly Recap: Linux Privilege Flaw, PAN-OS Exploitation, and OAuth Phishing Surge

A patchy Monday across auth paths, repos, and dev tooling — with regulators watching the disclosure clock.

3 min
Threat Intelligence

GREYVIBE: New Russian-Speaking Cluster Tied to Sustained Operations Against Ukraine

Researchers attribute an August 2025 campaign wave to a previously undocumented actor whose tasking patterns align with Kremlin interests.

2 min
Policy & Regulation

Operators Warn AI-Generated Traffic Is Outpacing Static DDoS Defences as Regulators Eye Disclosure Rules

Machine-learning-driven flood attacks are reshaping volumetric thresholds faster than current incident-reporting frameworks anticipated.

3 min
© 2026 Threat Vectr