
Reduce Phishing MTTR Without Adding SOC Headcount

Your SOC is not understaffed. It is overloaded with noise. Phishing response does not fail because teams lack skill. It fails because too much time is spent on manual investigation and repetitive tasks that do not scale. The Core Problem: Security operations centers (SOCs) are judged by metrics like Mean Time to Respond (MTTR) and False Positive Rate. These are not vanity...

CarMax – 431,371 breached accounts

In January 2026, data allegedly sourced from US automotive retailer CarMax was published online following a failed extortion attempt. The data included 431k unique email addresses along with names, phone numbers and physical addresses.

How to check the impact of third-party CVEs on your Elastic deployment

Instantly check the impact of third-party CVEs on your Elastic deployment with the new self-service CVE Impact Statements on the Support Hub. Quickly filter security scanner noise and get official assessments.

US dominance of agentic AI at the heart of new NIST initiative

This week, the US National Institute of Standards and Technology (NIST) announced a new listening exercise, the AI Agent Standards Initiative, which it hopes will provide a roadmap for addressing agentic AI hurdles and, it said, ensure that the technology “is widely adopted with confidence.” AI agents, which have now ascended to the status of...

Using AI to defeat AI

Welcome to this week’s edition of the Threat Source newsletter. Generative AI and agentic AI are here to stay. Although I believe that the advantages that AI brings to bad guys may be overstated, these new technologies allow threat actors to conduct attacks at a faster rate than before. One capability that AI improves for threat actors is the ability to reconnoitre employees, discover...

Adidas Investigates Alleged Data Breach – 815,000 Records of Customer Data Stolen

Adidas has confirmed it is actively investigating a potential data breach involving one of its independent third-party partners after a threat actor operating under the alias “LAPSUS-GROUP” posted claims on BreachForums on February 16, 2026, alleging unauthorized access to the sportswear giant’s extranet portal. The actor, believed to be associated with the Scattered Lapsus$ Hunters collective, a group known...

Remcos RAT Expands Real-Time Surveillance Capabilities

New Remcos RAT variant enhances real-time surveillance and evasion techniques to compromise Windows.

CVE-2026-21528 Azure IoT Explorer Information Disclosure Vulnerability

Corrected the CVE description and title. This is an informational change only.

Figure Data Breach Exposes Nearly 1 Million Customers Online

Fintech lender Figure suffered a social-engineering breach that led to a data dump online. Have I Been Pwned found 967,200 exposed email records. The post Figure Data Breach Exposes Nearly 1 Million Customers Online appeared first on TechRepublic.

ICO wins appeal over data protection obligations in Currys cyber attack

The ICO has won an important appeal relating to data protection obligations arising from a 2017-18 cyber attack at electronics retailer Currys PC World.

Latest article

Threat tactic spotlight: Subdomain takeover

In this blog post you’ll learn how to detect and prevent subdomain takeover – a tactic where threat actors exploit dangling DNS records to...

The Half-Life of Threat Intelligence: When Does an IOC Stop Being Useful? 

The concept of the IOC — the Indicator of Compromise — sits at the operational heart of modern threat detection. Block the IP. Flag...

Best Prime Day Tech Deals: Apple, Bose, Garmin, and More

Shop early Amazon Prime Day tech deals on earbuds, mice, routers, doorbells, headphones, smartwatches, Android phones, and fitness watches. The post Best Prime Day Tech...

SprySOCKS Backdoor Expands From Linux to Windows

China-linked SprySOCKS backdoor gains stealthy Windows variants and 30-plus C2 commands.