Cristian Luțic
Cristian Luțic is a cybersecurity professional and Editor-in-Chief of iSec.News, with experience in security enablement, risk analysis, and vulnerability reporting. As Editor-in-Chief, he is responsible for editorial standards, source verification, and publication oversight at iSec News.
From professional sports to cybersecurity, his career path may have been unconventional, but it has been driven by the same core values: discipline, perseverance, and a passion for doing meaningful, impactful work.
iSec.News Motto: “Only news, only information security and privacy news. No fluff.”
-
Redefining Cybersecurity: The Human Experience at the Forefront of Security Design
A recent analysis highlights the importance of human experience in cybersecurity design, emphasizing user-friendly systems that align with operational realities. Experts argue that simplifying security measures can enhance adherence and encourage a culture of awareness within organizations.
-
NIST Updates Privacy Framework to Address AI and Cybersecurity Risks
NIST has revised its Privacy Framework, enhancing alignment with cybersecurity guidelines and addressing emerging AI-related risks. These updates reflect the growing importance of integrated risk management as organizations navigate increasing privacy challenges.
-
Google to Consolidate Search Domains, Increasing Global Accessibility
Google has announced the retirement of separate country code domains for search, unifying them under Google.com to enhance user experience, though some challenges remain regarding localized search results.
-
US Government Agrees to Continue Funding CVE Program Amid Concerns
In a crucial move for the cybersecurity sector, the US government has agreed to extend funding for the Common Vulnerabilities and Exposures (CVE) program amid concerns over its future. Following MITRE’s announcement that federal support was about to end, this extension ensures the continuity of CVE services, which are pivotal in identifying and managing technology…
-
End of CVE Program Sparks Concerns Among Cybersecurity Experts
The Department of Homeland Security’s decision to let its contract with MITRE expire could jeopardize the future of the Common Vulnerabilities and Exposures (CVE) program, raising alarms among cybersecurity experts about the potential disruption to vulnerability tracking and management.
-
Russian APT29 Launches New Phishing Campaign Targeting Embassies with Sophisticated Malware
Russian state-sponsored group Midnight Blizzard, also known as APT29, has launched a highly targeted phishing campaign against European embassies, utilizing a new malware loader named GrapeLoader and an evolved version of the WineLoader backdoor. Experts from Check Point Research warn that these developments require advanced multi-layered defenses to counteract the increased sophistication of this cyber…
-
AI Presentation Tool Exploited in Phishing Scams, Experts Warn
Research from Abnormal Security reveals that the AI presentation tool Gamma is being exploited in phishing attacks to trick users into revealing their credentials via counterfeit communications.
-
Tech Giants Lead Push for Shorter Digital Certificate Lifespans
Tech giants Apple and Google are leading a significant initiative to reduce the maximum lifespans of digital certificates, aiming to strengthen cybersecurity and mitigate risks associated with long-term certificates. The proposal suggests a maximum validity of 90 days from Google and 47 days from Apple, potentially revolutionizing internet safety standards.
-
Organizations Struggle to Address Cyber Vulnerabilities, Despite Increased Pentesting Efforts
A recent report reveals that organizations are addressing less than half of exploitable vulnerabilities, particularly in Generative AI applications, underscoring the need for improved security measures despite widespread recognition of the importance of pentesting.
-
Cyber Attacks: Shutting Down Systems Can Exacerbate Damage
As cyber attacks become an increasing reality for businesses, experts caution against the instinct to shut down systems during an incident, urging a focus on preparedness, controlled containment strategies, and effective communication.
