Category: Blog RSS Feed

Cybercriminals are getting smarter. Not by developing new types of malware or exploiting zero-day vulnerabilities, but by simply pretending to be helpful IT support desk workers. Attackers affiliated with the 3AM ransomware group have combined a variety of different techniques…

Read more →

Health-ISAC recently released their 2025 Health Sector Cyber Threat Landscape Report, a comprehensive outline of the malicious activity aimed at healthcare in the previous year. Not surprisingly, ransomware was cited by security professionals in the industry as the number one…

Read more →

Attackers have made a decisive switch toward stealthy, identity-centric attacks. Forget breaking in – modern cybercriminals simply log in. And that should be a concern. According to the IBM X-Force 2025 Threat Intelligence Index, nearly one-third of intrusions in 2024…

Read more →

The proliferation of Internet of Things (IoT) devices – more specifically, security cameras – has forced organizations to rethink how they protect their physical hardware. Security cameras represent some of the most common IoT devices installed in business and commercial…

Read more →

Recent research by Comparitech reveals the shocking truth about ransomware attacks on government entities; they have a longer impact than anyone thought. Tracking over 1100 government-targeted ransomware attacks over a period of six years, researchers discovered that each day of…

Read more →

A new era of inconceivably fast quantum machines is not far away, with computers almost ready to completely transform the way we solve problems, communicate, and compute. However, this transformation is not all positive, and the cybersecurity industry fears that…

Read more →

There are ghosts in the machine. Not the poetic kind. I mean literal, running-code-with-root-access kind. The kind that was set up ten years ago by an admin who retired five jobs ago. The kind that still wakes up every night…

Read more →

Adhering to the ever-tightening letter of the law is the cost of doing business these days, and for many companies caught in the crosshairs, that cost is getting too high. New research by Bridewell Consulting revealed that 44% of all…

Read more →

The Health Insurance Portability and Accountability Act (HIPPA) was established to protect patient privacy and secure health information. While it has been around for nearly two decades, it is evolving to keep up with an increasingly digital world and in…

Read more →

When people hear “supply chain attack,” their minds often go to headline-grabbing breaches. But while analysts, CISOs, and journalists dissect those incidents, a more tactical and persistent wave of attacks has been unfolding in parallel; one that’s laser-focused on small…

Read more →

Today’s Patch Tuesday Alert addresses Microsoft’s May 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1156 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2025-32706 A vulnerability in the Windows…

Read more →

APWG’s Q4 2024 Phishing Activity Trends Report, published March 19 th, revealed that more than eight in ten Business Email Compromise (BEC) attacks last quarter were sent by attackers favoring Google’s free webmail service. By comparison, only 10% used Microsoft’s…

Read more →

DDoS attacks have long been dismissed as blunt instruments, favored by script kiddies and hacktivists for their ability to overwhelm and disrupt. But in today’s fragmented, hybrid-cloud environments, they’ve evolved into something far more cunning: a smokescreen. What looks like…

Read more →

According to the NIS Directive, Member States should adopt a common set of baseline security requirements to ensure a minimum level of harmonized security measures across the EU and enhance the overall level of security of operators providing essential services…

Read more →

Cybersecurity threats continue to evolve, posing very real risks to organizations, and nowhere is this risk more pronounced than in entities that handle a nation’s critical infrastructure, as these attacks put public health and safety at risk, harm the environment,…

Read more →

Tripwire’s April 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google. Up first on the list are patches for Microsoft Edge (Chromium-based) and Google Chromium that resolve 11 issues including remote code execution and improper implementation…

Read more →

Oh dear, what a shame, never mind. Yes, it’s hard to feel too much sympathy when a group of cybercriminals who have themselves extorted millions of dollars from innocent victims have found themselves dealing with their own cybersecurity problem. And…

Read more →

Cybersecurity threats continue to evolve, posing very real risks to organizations, and nowhere is this risk more pronounced than in entities that handle a nation’s critical infrastructure, as these attacks put public health and safety at risk, harm the environment,…

Read more →

The cyber workforce gap is one of the most pressing and persistent challenges facing the cybersecurity industry. In 2024, ISC2 found that the gap amounted to 4.8 million people globally, up 19% from the previous year. Both public and private…

Read more →

The mechanisms and dangers of email phishing are well known, as are the best practices for hardening organizations against it. Its spin-off, called vishing, is nothing new, but it’s both rapidly evolving, and unlike the more mainstream counterpart, too often…

Read more →