And if you don’t know, now you know.

At least, that’s what new ISC2 CEO Scott Beale hopes to achieve with the cybersecurity certification organization’s members, who he said are largely unaware of the impact ISC2 has on the broader industry.

“ISC2 has been doing a lot of work around advocacy, working with national and state governments in the US and around the world to make sure that laws are being passed in a way that is informed by cybersecurity workers,” Beale said. “It is an incredible benefit to the world. It also benefits members, benefits governments and nonprofits, but it is not something that people even really know a lot about.”

Make your mark.—BM

Check your blind spots…and we aren’t talking about the ones in your car.

Old vulnerabilities continue to create new dangers for organizations as cybercriminals exploit code that’s never been fixed. That’s according to a recent TrendAI report, which found 70% of requested exploits between January 2023 and January 2026 leveraged vulnerabilities that were more than two years old. About 8% were for vulnerabilities between 10 and 15 years old.

The AI twist. There’s nothing novel about cybercriminals eyeing dated vulnerabilities. This January, for example, CISA added a 17-year-old PowerPoint bug to its list of actively exploited common vulnerabilities and exposures (CVEs).

Keep an eye out.—BM

Following significant cyberattacks linked to a hacking group thought to be linked to Iran, experts are highlighting how securing systems against credential-based hacks is critical.

In the beginning of March, Handala Hack, also known as Handala, claimed responsibility for a cyberattack on medical services and devices provider Stryker. Reuters reported that the company experienced disruptions and limited access to systems as a result of the attack; Healthcare Brew reported that 56,000 global employees were encouraged to disable company-issued devices and keep them off of networks.

Amy Mushahwar, data privacy, security, safety, and risk management team chair at law firm Lowenstein Sandler, told IT Brew that the Stryker attack “could happen to any critical company in the US.” The attack itself, she added, was unique in that the attackers destroyed data permanently rather than holding it for ransom. ProArch shared that, in some departments at Stryker, up to 95% of devices had been erased before defenders reacted. Attackers also reportedly defaced login screens with Handala’s logo and propaganda.

“Iranian nation state actors are normally pretty smash and grab…I think the novelty of the wiper attack here is pretty interesting,” Mushahwar said. “This was a deliberate disabling of an entire set of company end points.”

Breaking in.—CN

CollabWORK connects you to the hidden job market through IT Brew and other trusted channels. Browse roles curated specifically for this community by clicking through to the job board.

• Deputy Director - Deputy Chief Information Officer at Nevada National Security Site
• Software Engineer at Gemological Institute of America
• Executive IT Support Lead - White-Glove Service at OpenAI
• Information Technology Business Analyst at Texas Health and Human Services
• Network Engineer at Two Six Technologies