This blog post proposes the MITRE Mapper, an AI-powered tool that improves vulnerability prioritization by automatically mapping CVEs to CWEs and MITRE ATT&CK techniques. This approach addresses major gaps in traditional scoring methods like CVSS, which often overestimate risk and lack real-world context. Early results show promising accuracy, and the tool has the potential to significantly enhance how organizations identify and prioritize the threats most relevant to them.

This post was written by Cameron A., Marcus R., and Max D.

This blog post explains what the dark web really is and clears up common misconceptions. It describes the internet as an iceberg and breaks up the sections of the internet you should know about. The post will also dicuss commons myths about the dark web and debunk these myths. 

This post was written by Samantha, David, and Tyler
 

MacOS is no longer a small target. While Windows still dominates desktops (~70%), macOS (including OS X variants) now accounts for roughly 13% of global desktop usage, large enough to sustain a thriving Mac-focused criminal ecosystem. From 2024-2025, researchers observed an increase in macOS malware across multiple categories, like stealers, trojans, backdoors/RATs, ransomware, and aggressive adware loaders. This implies that modern Mac security should be targeted to protecting from these and detecting malicious activity on a mac to mitigate and stop data loss and breaches.

This post was written by Zach O., Alex C., and Paul B.

This post discusses what physical penetration testing is and why it is important for organizations to conduct these types of tests for their users. 

This post was written by Jared K., Bryson F., and Charlie S.

The holiday season brings a surge in online shopping—and with it, a spike in cybercrime. This guide outlines essential tips to protect your personal and financial data from phishing scams, fake websites, and public Wi-Fi threats. Learn how to secure your accounts, spot suspicious deals, and shop smart both online and in public spaces to keep your holidays merry and malware-free.

As businesses embrace digital transformation, cybersecurity compliance becomes essential for protecting sensitive data and maintaining trust. This article explores the importance of adhering to regulatory standards, outlines key data at risk, and offers practical steps for building a resilient compliance strategy. From small enterprises to critical infrastructure sectors, staying compliant is vital to defending against evolving cyber threats and securing long-term success.

Honeypots are decoy systems designed to attract cyber attackers, allowing security teams to study their tactics and divert threats from real assets. This article explores how honeypots work, their strategic advantages, real-world applications like Valve’s anti-cheat operation, and the risks involved in deploying them.

The Internet is the hub of worldwide communication in this digitized world, and social networks have become part of the very core of interaction. Not everyone utilizes such platforms for positive reasons.

Fake CAPTCHAs are deceptive security challenges designed to mimic legitimate human verification tests while secretly harvesting user data or delivering malware. These fraudulent tools often appear on compromised websites or phishing pages, tricking users into clicking or entering sensitive information. Understanding their tactics is key to spotting and avoiding these digital traps.

As the use of IoT devices becomes more mainstream, it is important to stay informed and ensure that all of your devices are secure and updated to their latest versions. Introducing the Cyber Trust Mark, a label printed on name-brand IoT devices to inform the safe use of these products.