TrollEye Security

Sullivan Rozar

PayPal Discloses Six-Month Data Exposure in Working Capital Application

Software Error Exposes Social Security Numbers and Business Data for Nearly Half a Year

PayPal has notified customers of a data exposure incident tied to a software error in its PayPal Working Capital (PPWC) loan application, which left sensitive personal information accessible for nearly six months in 2025. According to breach notification letters, the exposure […]

How to Triage Security Findings – Five Steps for Security Teams

How to Prioritize The Right Issues And Eliminate Backlog Without Guesswork

Modern security teams manage constant output from scanners, alerts, and assessments. At scale, multiple valid findings compete for limited engineering time. Without a consistent decision process, priority becomes debate and remediation slows. That decision process is triage. Triage determines what gets fixed now, what

Your Guide to Security Validation: What to Confirm Before Escalating a Finding

A Practical Framework for Escalating What Actually Matters

Security teams are good at finding issues. The harder part is deciding which ones deserve immediate attention from engineering. In most environments, escalation happens too early. Findings are passed along before exploitability is confirmed, before impact is understood, and before ownership is clear. The result is predictable:

Ransomware Gangs Abuse ISPsystem VMs for Stealthy Payload Delivery

Default VM Templates Enable Infrastructure That Blends Into Legitimate Hosting

Sophos researchers have identified multiple ransomware and malware operations using virtual machines provisioned through ISPsystem to distribute malicious payloads and maintain command-and-control infrastructure. For organizations with complex cloud, SaaS, or third-party dependencies, this technique exposes a critical limitation, allowing infrastructure to appear clean on paper

How to Prepare Your Organization for Nation-State Infiltration Attempts

How Serious Is the Risk in 2026, and How Vulnerable Are Most Organizations?

For years, nation-state cyber activity was framed as something that primarily targeted governments, defense contractors, and critical infrastructure. In 2026, that distinction no longer holds. Financial services, healthcare, SaaS providers, manufacturers, and even mid-market organizations are now routinely within scope. The real

Cloud Payment Scam Floods Inboxes Worldwide

Large-Scale Phishing Campaign Using Fake Payment and Storage Warnings

Over the past few months, a large-scale cloud storage scam has flooded inboxes worldwide with phishing emails claiming accounts are about to be blocked or deleted due to failed payments. Based on numerous reviewed samples, the campaign has intensified, with some recipients now receiving multiple versions

Cyber Risk Quantification (CRQ) – How to Assign Financial Risk for Better Prioritization and Reporting

What is CRQ and How Does it Enable Better Reporting and Prioritization?

Security teams generate a lot of data, but many still struggle to answer the most important question: which risks actually matter to the business. Most prioritization methods (like CVSS) rely on technical severity, compliance frameworks, or qualitative ratings, which fail to translate risk

Okta Warns of Vishing Kits Bypassing MFA in Active SSO Attacks

New “Phishing-as-a-Service” Platforms Enable Attackers to Steal Okta SSO Credentials

Okta has issued a warning about a new class of phishing platforms built specifically for voice-based social engineering attacks. These tools, now being actively used in campaigns, allow threat actors to steal single sign-on (SSO) credentials by manipulating victims during phone calls. Functioning as live

How Security Leaders Can Cross-Align Teams Effectively

How to Break Down Silos and Align Teams Around Real, Actionable Risk

Security leaders rarely struggle with identifying risk. What they struggle with is alignment. Security, IT, engineering, and risk teams often operate with different priorities, tools, and success metrics. Vulnerabilities get identified, alerts get generated, and reports get delivered, but ownership remains unclear, remediation

Hackers Actively Exploiting Critical Fortinet FortiSIEM Vulnerability

Public Exploit Code Accelerates Attacks Against Fortinet SIEM Deployments

A critical vulnerability affecting Fortinet FortiSIEM is now being actively exploited in the wild, according to multiple security researchers. The flaw, tracked as CVE-2025-64155, has publicly available proof-of-concept (PoC) exploit code and allows unauthenticated remote attackers to execute commands with root-level privileges. The issue was disclosed
