Working in the network operating center (NOC) at Black Hat Europe, we’re never quite sure what we’re going to see. The anxiousness I feel there is similar to what I’d experience when I was blue-teaming for a corporate network. I could prepare all I wanted, read all the blogs about the current threat trends people and companies were tracking on the Internet, and review all the red team and vulnerability scanner reports to identify likely targets.

There’s a new ransomware gang targeting critical infrastructure, government organizations, educational institutions, and energy sectors. Their name? Hellcat. But who exactly are they? Hellcat is a new ransomware gang that has surfaced across dark web forums in 2024. Hellcat employs a ransomware-as-a-service (RaaS) model, offering ransomware tools and infrastructure to affiliates in exchange for a share of the profits.

Happy New Year! As we usher in a year with some pleasant mathematical properties, I wanted to take a brief look back at one of the stories that was most interesting to me as a security data nerd from last year: our dependency on the National Institute of Standards and Technologies’s (NIST) National Vulnerability Database(NVD), and what the degradation in service has meant to the flow of information about new CVEs. TL:DR.

As cyber threats continue to grow in complexity and frequency, vulnerability management requires more than just patching systems; it demands a dynamic, threat-adapted approach.

Unlike Western AI systems governed by privacy laws and ethical considerations, DeepSeek operates under a regime notorious for state-sponsored hacking, surveillance, and cyber espionage. With AI-driven automation at its disposal, China can rapidly scale its cyberattacks, embedding malware, manipulating financial markets, and eroding trust in global AI platforms.

Do you ever wish you could lock your Android device to a single app or restrict specific functions for a more focused and secure experience? Guided Access can make it happen. This blog will guide you through everything you need to know about enabling Guided Access for Android devices, its benefits, and how miniOrange MDM can take it to the next level.

The Transportation Security Administration (TSA) has proposed new rules requiring those under its jurisdiction to follow specific cyber risk management (CRM) requirements, report cybersecurity incidents in a certain timeframe, and address physical security concerns. This is positive news for the transportation industry, as hundreds of attacks have been leveled against the sector. These attacks have the potential to impact the supply chain, create chaos, and endanger human lives.