Daily Briefing for 03.21.25

Dateline

How MTTC enhances SOC efficiency and alert triage performance. (N2K Networks) This is a sponsored story produced in collaboration with Dropzone AI. Traditional SOC metrics like MTTD and MTTR focus on specific phases of alert handling, leaving gaps in efficiency evaluation. Mean Time to Conclusion (MTTC) bridges these gaps, offering a comprehensive metric that tracks the entire alert triage process—from detection to resolution.

Why SOCs rely on OSCAR: A proven investigative framework. (N2K Networks) This is a sponsored story produced in collaboration with Dropzone AI. The OSCAR methodology—Obtain, Strategize, Collect, Analyze, Report—offers SOCs a structured and efficient approach to security investigations.

Attacks, Threats, and Vulnerabilities

Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day (CyberScoop) Cybercriminals working on behalf of nation-states are actively exploiting a zero-day vulnerability in Microsoft Windows to commit espionage.

Trends

Digital.ai Releases 2025 Application Security Threat Report: Rise of Free AI Tools Contributes to Surge in Sophisticated Attacks on Client-Side Applications, Highlighting Critical Need for Greater App Security (Yahoo Finance) Third annual report finds a nearly 20 percent increase in attacks over last year; AI-assisted attacks and shared attack tactics and scripts make threat actors more efficient and prolific.

Litigation, Investigation, and Law Enforcement

AdTech CEO whose products detected ad fraud jailed for fraud (The Register) : Made up revenue and pretended to use non-existent data

Former Michigan football coach indicted in hacks of athlete databases of more than 100 colleges (The Record) Federal prosecutors said Matthew Weiss, a former assistant football coach at the University of Michigan, learned hacking skills to breach online databases, primarily targeting information about "female college athletes."

For a complete running list of events, please visit the Event Tracker.

Events

WICYS 2025 (Dallas and Virtual, Texas, USA, Apr 2 - 5, 2025) WiCyS 2025 is the go-to event for cybersecurity professionals, students, and organizations. The conference is the flagship event to recruit, retain and advance women in cybersecurity.

40th Space Symposium (Denver and Virtual, Colorado, USA, Apr 7 - 10, 2025) Bringing together leaders from commercial, government and military space from around the world, the Space Symposium provides a forum to discuss, address and plan for future achievements in space. The Space Symposium program delivers exclusive networking and engagement opportunities with influential participants in one convenient and extraordinary venue. Space Symposium luncheons and dinners provide additional contact with influential participants.

Community Event with The Cyber Guild - Book Club (Reston, Virginia, USA, Apr 17, 2025) Join the growing Cyber Guild Community - "where everyone wants to know your name " The Cyber Guild community is a growing network of cyber enthusiasts who are invested in building a sustainable cyber ecosystem.

RSA Innovation Sandbox 2025 (San Francisco, California, USA, Apr 28, 2025) RSA Conference 2025 marks 20 years for cybersecurity’s top innovation startup competition: RSAC Innovation Sandbox contest. The contest puts the spotlight on cybersecurity’s boldest new innovators while highlighting their potentially game-changing ideas. Hundreds of submissions are reviewed and narrowed down to only 10 finalists. The Top 10 Finalists will take the stage during RSA Conference 2025 and will have three minutes to make their award-winning pitch to a panel of leading industry experts. Since the start of the contest, the Top 10 Finalists have collectively seen over 90 acquisitions and over $16.4 billion in investments.*

RSA Conference 2025 (San Francisco, California, USA, Apr 28 - May 1, 2025) At RSAC 2025, you're not just attending a conference—you're stepping into a vibrant, thriving community of thinkers, innovators, and achievers. Though we come from different corners of the cybersecurity world, we are united by a common mission: to foresee risks, counter threats, and embrace the challenges ahead. Together, we shape the future of security. Together, we shine as one.