If you work in or around regulated industries, here's something that may have slipped under your radar: a federal ADA deadline hits in less than two months. On April 24, state and local governments — and the vendors and partners who serve them — must meet WCAG 2.1 AA standards for digital accessibility or face real legal exposure.

Accessibility failures aren't just an HR or marketing problem. They're an organizational risk vector, and the lawsuit surge is real: Digital accessibility litigation jumped 15% nationwide in Q1 2025 alone.

Aspiritech's team of autistic and neurodivergent tech professionals helps organizations audit, test, and remediate digital products against WCAG and Section 508 standards, catching what automated scanners miss.

Read the full breakdown below!

Want to know where your digital products stand?

Welcome to another_secpro!

The conflict surrounding Iran illustrates how contemporary cyber operations function as an extension of geopolitical competition rather than a separate domain of warfare. State-linked actors, proxy groups, and opportunistic cybercriminals all exploit the disruption and political polarization created by armed conflict to conduct espionage, influence operations, and disruptive attacks.

Techniques such as distributed denial-of-service campaigns, wiper malware, credential-harvesting phishing, and information manipulation are used not only to target military or government networks but also to pressure civilian infrastructure, financial institutions, and private companies that sit within the broader strategic ecosystem.

As the conflict evolves, these tactics demonstrate how cyber capabilities can be rapidly mobilized, scaled through proxy actors, and directed against a wide range of targets—creating a threat landscape in which the effects of war extend well beyond the battlefield and into the digital systems that underpin modern economies and societies.

If you want more, you know what you need to do: sign up to the premium and get access to everything we have on offer. Click the link above to visit our Substack and sign up there!

Cheers!
Austin Miller
Editor-in-Chief

It’s increasingly difficult to see through the hype of AI in cybersecurity in a sea of shiny vendor demos that fail to deliver in production.

We recently aired a discussion between Gourav Nagar (Head of Information Security and IT at Upwind) and Jon Hencinski (Head of Security Operations at Prophet Security, ex-Expel) that provides a practitioner's perspective on building comprehensive AI-driven cybersecurity programs.

Key topics they discussed include:

• Getting organizational buy-in (where leadership and practitioners are aligned)
• Improving alert detection, triage, and investigations
• Maturing your cybersecurity program (alert management is no longer a constraint)

In early 2026, researchers from Group-IB published an analysis of a cyber-espionage campaign known asOperation Olalampo, attributed to the advanced persistent threat group MuddyWater. MuddyWater has long been associated with Iranian state-linked cyber activity and has historically targeted government agencies, telecommunications providers, and critical infrastructure organizations across the Middle East and surrounding regions. The Olalampo campaign demonstrates how state-aligned cyber actors continue to evolve their tactics and infrastructure while relying on proven techniques such as phishing and custom malware frameworks.

Five quick and easy takes to get your brain juices flowing in a time of political turmoil. How do we expect we will be forced to respond as cybersecurity professionals? What will be the possible long term effects? Click on the link to get involved.

If you'd like to find out about our series on social engineering, start here: the adversary moves in the age of AI, then make sure to check out the articles link in this introduction: here, here, here, here, and here.

OAuth Redirection Abuse Enables Phishing and Malware Delivery (Microsoft Security Blog): Microsoft researchers documented campaigns abusing OAuth redirection mechanisms to deliver phishing pages and malware payloads. Attackers manipulate legitimate OAuth flows used by cloud services to redirect victims to malicious infrastructure, enabling credential harvesting and malware deployment while bypassing many security controls.

Threat Brief: Escalation of Iranian Cyber Activity (Unit 42): Researchers from Palo Alto Networks’ Unit 42 warn that geopolitical tensions are driving increased cyber operations linked to Iranian actors. Campaigns include vishing attacks impersonating government officials and credential harvesting aimed at organizations in the Middle East and allied countries.

SentinelOne Intelligence Brief: Iranian Cyber Activity Outlook (SentinelOne): SentinelOne analysts outline likely cyber responses from Iranian threat actors amid regional conflict, including disruptive attacks, espionage, and hacktivist operations conducted by proxy groups. The report emphasizes potential targeting of Western infrastructure and organizations tied to geopolitical developments.

What Defenders Need to Know About Iran’s Cyber Capabilities (Check Point Research): Check Point’s research team published an analysis of Iranian cyber capabilities, highlighting the country’s use of APT groups, influence operations, and destructive malware campaigns. The report provides a technical overview of known tools, operational patterns, and likely future tactics.

Cloudflare Threat Report: “Industrialization” of Cybercrime (Cloudflare): Cloudflare’s latest threat report describes how generative AI and automation are enabling cybercriminals to scale attacks dramatically. Researchers note AI-assisted reconnaissance, deepfake identity fraud, and massive DDoS attacks reaching record bandwidth levels.

State-Backed Hackers Weaponizing Enterprise Ecosystems (Cloudflare): A Cloudflare analysis finds that nation-state actors increasingly conduct “living-off-the-land” attacks using legitimate enterprise services such as cloud platforms and SaaS applications for command-and-control. The report also documents deepfake-enabled insider infiltration campaigns attributed to North Korean operators.

NCSC Warning on Increased Cyber Risk Amid Middle East Conflict (UK National Cyber Security Centre): The UK’s NCSC issued guidance advising organizations to strengthen cyber defenses due to heightened geopolitical tensions. The advisory warns that hacktivists and state-aligned actors may increase disruptive operations such as DDoS attacks and website defacements.

Russian-Aligned Hacktivists Continue Large-Scale DDoS Campaigns (ITPro): Security reporting indicates that groups like NoName057(16) are sustaining distributed denial-of-service campaigns against organizations in NATO countries. These attacks use volunteer-driven botnet tools and coordinated messaging platforms to overwhelm targeted services.

Sophos Advisory: Heightened Cyber Risk from Regional Escalation (Sophos X-Ops): Sophos researchers warn that geopolitical escalation involving Iran could trigger retaliatory cyber activity from affiliated threat groups. The advisory encourages organizations to adopt heightened monitoring and “Shields Up” defensive postures to mitigate potential intrusion and disruption attempts.

Run Cyber Like a Portfolio or Get Treated Like a Cost Center (Geoff Hancock): This article argues that cybersecurity programs should be managed like investment portfolios rather than tool collections. Instead of continually buying new security products, organizations should allocate cyber budgets strategically—balancing risk reduction, measurable outcomes, and alignment with business objectives. The author emphasizes governance, performance metrics, and executive-level financial justification for cyber investments.

CTO at NCSC Summary: Week Ending March 1st (Ollie Whitehouse): This weekly cybersecurity intelligence digest summarizes recent threat activity and defensive guidance. A key focus is a government advisory warning about exploitation of Cisco Catalyst SD-WAN infrastructure, encouraging organizations to investigate possible compromises and apply urgent patches. The article aggregates major security alerts, research findings, and operational lessons for defenders.

The Copilot Email Bug Is the Kraken (Gerry Kennedy): This article analyzes a security flaw in Microsoft Copilot, where the AI reportedly summarized emails that were labeled confidential. Kennedy argues that the issue highlights deeper risks when generative AI tools are embedded in enterprise communication systems. The piece frames the bug as a warning that AI assistants could inadvertently expose sensitive legal or corporate information if governance and security controls are weak.

Security Check-In: Quick Hits – Gaming Tool Malware, LexisNexis Data Breach, and Crypto Threats (Rod Trent): This rapid-analysis security roundup covers several emerging cyber incidents, including malware distributed through gaming utilities and ongoing data-breach concerns. The article warns that compromised tools and websites could lead to ransomware infections or data theft. It also advises users to rely on verified software sources and highlights the continuing trend of attackers targeting consumer platforms and developer ecosystems.

The Choices We Make (Michael Corn): Michael Corn reflects on leadership decisions in cybersecurity programs, using personal experience to illustrate how early choices in security assessments, risk prioritization, and organizational culture influence long-term resilience. The article emphasizes strategic thinking and accountability in security leadership, arguing that delayed or avoided decisions can create systemic security gaps.