Category: Blog RSS Feed

Adopting Continuous Deployment, an extreme form of software delivery automation, can drastically speed up software delivery, but it also introduces critical security challenges. Some of the most severe, global-scale security breaches of recent years (Solarwinds and Kaseya are just two…

Read more →

What is the Interlock ransomware? Interlock is a relatively new strain of ransomware, that first emerged in late 2024. Unlike many other ransomware families it not only targets Windows PCs, but also systems running FreeBSD. If you are impacted, you…

Read more →

While NIST frameworks are typically not mandatory for most organizations, they are still being called on to do some heavy lifting to bolster the nation’s cybersecurity defenses. Under the January 2025 Executive Order (EO) on Strengthening and Promoting Innovation in…

Read more →

In January of this year, significant changes to the HIPAA Security Rule were proposed by the Office of Civil Rights for the Department of Health and Human Services (OCR). The proposed update to the HIPAA Security Rule, published on January…

Read more →

For the fourth year running, in 2025, the IBM X-Force Threat Intelligence Index crowned the manufacturing sector as the number one targeted industry for cybercrime, representing 26% of incidents. The problem is so bad that manufacturing has even managed to…

Read more →

The UK is facing the same evolving digital challenges as the rest of the world, and its new Cyber Security and Resilience Bill is designed to not only help it catch up – but stay ahead. Attackers change their tactics…

Read more →

Cybercriminals are getting smarter. Not by developing new types of malware or exploiting zero-day vulnerabilities, but by simply pretending to be helpful IT support desk workers. Attackers affiliated with the 3AM ransomware group have combined a variety of different techniques…

Read more →

Health-ISAC recently released their 2025 Health Sector Cyber Threat Landscape Report, a comprehensive outline of the malicious activity aimed at healthcare in the previous year. Not surprisingly, ransomware was cited by security professionals in the industry as the number one…

Read more →

Attackers have made a decisive switch toward stealthy, identity-centric attacks. Forget breaking in – modern cybercriminals simply log in. And that should be a concern. According to the IBM X-Force 2025 Threat Intelligence Index, nearly one-third of intrusions in 2024…

Read more →

The proliferation of Internet of Things (IoT) devices – more specifically, security cameras – has forced organizations to rethink how they protect their physical hardware. Security cameras represent some of the most common IoT devices installed in business and commercial…

Read more →

Recent research by Comparitech reveals the shocking truth about ransomware attacks on government entities; they have a longer impact than anyone thought. Tracking over 1100 government-targeted ransomware attacks over a period of six years, researchers discovered that each day of…

Read more →

A new era of inconceivably fast quantum machines is not far away, with computers almost ready to completely transform the way we solve problems, communicate, and compute. However, this transformation is not all positive, and the cybersecurity industry fears that…

Read more →

There are ghosts in the machine. Not the poetic kind. I mean literal, running-code-with-root-access kind. The kind that was set up ten years ago by an admin who retired five jobs ago. The kind that still wakes up every night…

Read more →

Adhering to the ever-tightening letter of the law is the cost of doing business these days, and for many companies caught in the crosshairs, that cost is getting too high. New research by Bridewell Consulting revealed that 44% of all…

Read more →

The Health Insurance Portability and Accountability Act (HIPPA) was established to protect patient privacy and secure health information. While it has been around for nearly two decades, it is evolving to keep up with an increasingly digital world and in…

Read more →

When people hear “supply chain attack,” their minds often go to headline-grabbing breaches. But while analysts, CISOs, and journalists dissect those incidents, a more tactical and persistent wave of attacks has been unfolding in parallel; one that’s laser-focused on small…

Read more →

Today’s Patch Tuesday Alert addresses Microsoft’s May 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1156 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2025-32706 A vulnerability in the Windows…

Read more →

APWG’s Q4 2024 Phishing Activity Trends Report, published March 19 th, revealed that more than eight in ten Business Email Compromise (BEC) attacks last quarter were sent by attackers favoring Google’s free webmail service. By comparison, only 10% used Microsoft’s…

Read more →

DDoS attacks have long been dismissed as blunt instruments, favored by script kiddies and hacktivists for their ability to overwhelm and disrupt. But in today’s fragmented, hybrid-cloud environments, they’ve evolved into something far more cunning: a smokescreen. What looks like…

Read more →

According to the NIS Directive, Member States should adopt a common set of baseline security requirements to ensure a minimum level of harmonized security measures across the EU and enhance the overall level of security of operators providing essential services…

Read more →