#235: Defending Against Olalampo
A take on a new threat from an old adversary

You're already thinking about compliance—is digital accessibility on your list?

If you work in or around regulated industries, here's something that may have slipped under your radar: a federal ADA deadline hits in less than two months. On April 24, state and local governments — and the vendors and partners who serve them — must meet WCAG 2.1 AA standards for digital accessibility or face real legal exposure.

Accessibility failures aren't just an HR or marketing problem. They're an organizational risk vector, and the lawsuit surge is real: digital accessibility litigation jumped 15% nationwide in Q1 2025 alone.

Aspiritech's team of autistic and neurodivergent tech professionals helps organizations audit, test, and remediate digital products against WCAG and Section 508 standards, catching what automated scanners miss.

Read the full breakdown below: The Top 5 Things Businesses Need to Know About Digital Accessibility Right Now

Want to know where your digital products stand? Book a free strategy session with Aspiritech's accessibility experts.

Welcome to another _secpro!

The conflict surrounding Iran illustrates how contemporary cyber operations function as an extension of geopolitical competition rather than a separate domain of warfare.
State-linked actors, proxy groups, and opportunistic cybercriminals all exploit the disruption and political polarization created by armed conflict to conduct espionage, influence operations, and disruptive attacks. Techniques such as distributed denial-of-service campaigns, wiper malware, credential-harvesting phishing, and information manipulation are used not only to target military or government networks but also to pressure civilian infrastructure, financial institutions, and private companies that sit within the broader strategic ecosystem.

As the conflict evolves, these tactics demonstrate how cyber capabilities can be rapidly mobilized, scaled through proxy actors, and directed against a wide range of targets—creating a threat landscape in which the effects of war extend well beyond the battlefield and into the digital systems that underpin modern economies and societies.

Check out _secpro premium

If you want more, you know what you need to do: sign up to the premium and get access to everything we have on offer.
Click the link above to visit our Substack and sign up there!

Cheers!
Austin Miller
Editor-in-Chief

It’s increasingly difficult to see through the hype of AI in cybersecurity in a sea of shiny vendor demos that fail to deliver in production.

We recently aired a discussion between Gourav Nagar (Head of Information Security and IT at Upwind) and Jon Hencinski (Head of Security Operations at Prophet Security, ex-Expel) that provides a practitioner's perspective on building comprehensive AI-driven cybersecurity programs.

Key topics they discussed include:
• Getting organizational buy-in (where leadership and practitioners are aligned)
• Improving alert detection, triage, and investigations
• Maturing your cybersecurity program (alert management is no longer a constraint)

Watch On-Demand!

This week's articles

Operation Olalampo: Indicators of Compromise, Mitigation Strategies, and Implications for the 2026 Threat Landscape

In early 2026, researchers from Group-IB published an analysis of a cyber-espionage campaign known as Operation Olalampo, attributed to the advanced persistent threat group MuddyWater. MuddyWater has long been associated with Iranian state-linked cyber activity and has historically targeted government agencies, telecommunications providers, and critical infrastructure organizations across the Middle East and surrounding regions. The Olalampo campaign demonstrates how state-aligned cyber actors continue to evolve their tactics and infrastructure while relying on proven techniques such as phishing and custom malware frameworks.

5 Key Learnings concerning the Iranian Crisis

Five quick and easy takes to get your brain juices flowing in a time of political turmoil. How do we expect we will be forced to respond as cybersecurity professionals? What will be the possible long-term effects?
Click on the link to get involved.

Check it out today

If you'd like to find out about our series on social engineering, start here: the adversary moves in the age of AI, then make sure to check out the articles linked in this introduction: here, here, here, here, and here.

News Bytes

OAuth Redirection Abuse Enables Phishing and Malware Delivery (Microsoft Security Blog): Microsoft researchers documented campaigns abusing OAuth redirection mechanisms to deliver phishing pages and malware payloads. Attackers manipulate legitimate OAuth flows used by cloud services to redirect victims to malicious infrastructure, enabling credential harvesting and malware deployment while bypassing many security controls.

Threat Brief: Escalation of Iranian Cyber Activity (Unit 42): Researchers from Palo Alto Networks’ Unit 42 warn that geopolitical tensions are driving increased cyber operations linked to Iranian actors. Campaigns include vishing attacks impersonating government officials and credential harvesting aimed at organizations in the Middle East and allied countries.

SentinelOne Intelligence Brief: Iranian Cyber Activity Outlook (SentinelOne): SentinelOne analysts outline likely cyber responses from Iranian threat actors amid regional conflict, including disruptive attacks, espionage, and hacktivist operations conducted by proxy groups. The report emphasizes potential targeting of Western infrastructure and organizations tied to geopolitical developments.

What Defenders Need to Know About Iran’s Cyber Capabilities (Check Point Research): Check Point’s research team published an analysis of Iranian cyber capabilities, highlighting the country’s use of APT groups, influence operations, and destructive malware campaigns.
The report provides a technical overview of known tools, operational patterns, and likely future tactics.

Cloudflare Threat Report: “Industrialization” of Cybercrime (Cloudflare): Cloudflare’s latest threat report describes how generative AI and automation are enabling cybercriminals to scale attacks dramatically. Researchers note AI-assisted reconnaissance, deepfake identity fraud, and massive DDoS attacks reaching record bandwidth levels.

State-Backed Hackers Weaponizing Enterprise Ecosystems (Cloudflare): A Cloudflare analysis finds that nation-state actors increasingly conduct “living-off-the-land” attacks using legitimate enterprise services such as cloud platforms and SaaS applications for command-and-control. The report also documents deepfake-enabled insider infiltration campaigns attributed to North Korean operators.

NCSC Warning on Increased Cyber Risk Amid Middle East Conflict (UK National Cyber Security Centre): The UK’s NCSC issued guidance advising organizations to strengthen cyber defenses due to heightened geopolitical tensions. The advisory warns that hacktivists and state-aligned actors may increase disruptive operations such as DDoS attacks and website defacements.

Russian-Aligned Hacktivists Continue Large-Scale DDoS Campaigns (ITPro): Security reporting indicates that groups like NoName057(16) are sustaining distributed denial-of-service campaigns against organizations in NATO countries. These attacks use volunteer-driven botnet tools and coordinated messaging platforms to overwhelm targeted services.

Sophos Advisory: Heightened Cyber Risk from Regional Escalation (Sophos X-Ops): Sophos researchers warn that geopolitical escalation involving Iran could trigger retaliatory cyber activity from affiliated threat groups.
The advisory encourages organizations to adopt heightened monitoring and “Shields Up” defensive postures to mitigate potential intrusion and disruption attempts.

Into the blogosphere...

Run Cyber Like a Portfolio or Get Treated Like a Cost Center (Geoff Hancock): This article argues that cybersecurity programs should be managed like investment portfolios rather than tool collections. Instead of continually buying new security products, organizations should allocate cyber budgets strategically—balancing risk reduction, measurable outcomes, and alignment with business objectives. The author emphasizes governance, performance metrics, and executive-level financial justification for cyber investments.

CTO at NCSC Summary: Week Ending March 1st (Ollie Whitehouse): This weekly cybersecurity intelligence digest summarizes recent threat activity and defensive guidance. A key focus is a government advisory warning about exploitation of Cisco Catalyst SD-WAN infrastructure, encouraging organizations to investigate possible compromises and apply urgent patches. The article aggregates major security alerts, research findings, and operational lessons for defenders.

The Copilot Email Bug Is the Kraken (Gerry Kennedy): This article analyzes a security flaw in Microsoft Copilot, where the AI reportedly summarized emails that were labeled confidential. Kennedy argues that the issue highlights deeper risks when generative AI tools are embedded in enterprise communication systems. The piece frames the bug as a warning that AI assistants could inadvertently expose sensitive legal or corporate information if governance and security controls are weak.

Security Check-In: Quick Hits – Gaming Tool Malware, LexisNexis Data Breach, and Crypto Threats (Rod Trent): This rapid-analysis security roundup covers several emerging cyber incidents, including malware distributed through gaming utilities and ongoing data-breach concerns.
The article warns that compromised tools and websites could lead to ransomware infections or data theft. It also advises users to rely on verified software sources and highlights the continuing trend of attackers targeting consumer platforms and developer ecosystems.

The Choices We Make (Michael Corn): Michael Corn reflects on leadership decisions in cybersecurity programs, using personal experience to illustrate how early choices in security assessments, risk prioritization, and organizational culture influence long-term resilience. The article emphasizes strategic thinking and accountability in security leadership, arguing that delayed or avoided decisions can create systemic security gaps.
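Picking up the OAuth redirection item in News Bytes above: the defensive question for most organizations is how to spot sign-in links whose redirect_uri sends the user somewhere other than their own applications. The script below is an added example (editor's code, not from the newsletter or from Microsoft's report) that triages URLs pulled from mail or proxy logs, identifies OAuth authorization requests, and flags any whose redirect target falls outside an allowlist; the identity-provider host, trusted hosts and sample URLs are constructed placeholders.

```python
from urllib.parse import urlparse, parse_qs

# Constructed allowlist: hosts our own applications legitimately use as redirect_uri.
TRUSTED_REDIRECT_HOSTS = {"app.example-corp.com", "portal.example-corp.com"}

# Path fragments typical of OAuth 2.0 / OIDC authorization endpoints (assumption).
AUTHORIZE_MARKERS = ("/oauth2/", "/oauth/", "/authorize")


def is_authorize_request(url: str) -> bool:
    """True if the URL looks like an OAuth authorization request."""
    p = urlparse(url)
    return p.scheme in ("http", "https") and any(m in p.path.lower() for m in AUTHORIZE_MARKERS)


def redirect_host(url: str):
    """Host named by redirect_uri (parse_qs percent-decodes it), or None if absent."""
    values = parse_qs(urlparse(url).query).get("redirect_uri")
    if not values:
        return None
    target = urlparse(values[0])
    # Non-http(s) schemes or an empty host are never legitimate redirect targets.
    if target.scheme not in ("http", "https") or not target.hostname:
        return "<invalid>"
    return target.hostname.lower()


def triage(url: str) -> str:
    """Classify one URL: not-oauth, no-redirect, trusted, or untrusted."""
    if not is_authorize_request(url):
        return "not-oauth"
    host = redirect_host(url)
    if host is None:
        return "no-redirect"
    return "trusted" if host in TRUSTED_REDIRECT_HOSTS else "untrusted"


# Constructed samples: a legitimate sign-in link, a lure redirecting off-tenant, a plain page.
SAMPLES = [
    "https://idp.example.com/common/oauth2/v2.0/authorize?client_id=abc&response_type=code"
    "&redirect_uri=https%3A%2F%2Fapp.example-corp.com%2Fcallback",
    "https://idp.example.com/common/oauth2/v2.0/authorize?client_id=abc&response_type=code"
    "&redirect_uri=https%3A%2F%2Finvoice-lure.example.net%2Fdownload",
    "https://docs.example-corp.com/handbook",
]


def triage_all(urls=SAMPLES):
    """Map each URL to its verdict; 'untrusted' entries are the alerting candidates."""
    return {u: triage(u) for u in urls}
```

Run it against real mail-gateway URL logs by replacing SAMPLES; "untrusted" verdicts are worth a hunt, while "no-redirect" links still deserve a look because some providers accept a registered default redirect.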