Learn about OWASP’s newest focus on Non-Human Identities and how to mitigate risks like secret leakage, overprivileged NHIs, and insecure authentication with GitGuardian.

The Cyberint (now a Check Point Company) Philippine Threat Landscape 2024-2025 report unravels the evolving cyber threats and scam operations targeting organizations in the Philippines—mainly within the Government, Education, Financial, and Telecommunications sectors. Data from Cyberint sources indicates a surge in cyber threats such as malware, social engineering, and system exploitations.

In the rapidly evolving landscape of artificial intelligence (AI), the development of AI Agents has become a focal point for enterprises… nearly all of them. According to recent IBM research, 99% of respondents are exploring or actively developing AI agents. This surge in interest also serves to underscore the necessity for secure AI agent development.

Space Bear is a relatively new ransomware group that first appeared on the radar in April 2024. The gang, which is aligned to the Phobos ransomware-as-a-service group, steals sensitive data from organisations, encrypts victims' computer systems, and demands that a ransom be paid for a decryption key or the data will be published on the dark web.

Today, I’m thrilled to announce that Tines has formally signed CISA’s Secure by Design pledge. Since our founding, we have been guided by the fundamental belief that secure software is security software, and that our customers shouldn’t need to make a tradeoff between adding valuable automation capabilities or reducing their attack surface.

The healthcare industry stands at the cusp of a major transformation with the introduction of the Healthcare Information Security Accountability Act (HISAA), a progressive regulatory framework set to replace the decades-old Health Insurance Portability and Accountability Act (HIPAA). HISAA is designed to address the evolving complexities of healthcare data management, emphasizing real-time data governance, proactive monitoring, and stricter controls over third-party data exchanges.

Researchers at SlashNext warn that cybercriminals are using a WordPress plugin called “PhishWP” to spoof payment pages and steal financial information. The spoofed pages are designed to steal payment card numbers, expiration dates, CVVs, and billing addresses. The plugin can also intercept one-time passwords generated to secure the transactions. The stolen data is immediately sent to the crooks via Telegram as soon as the victim hits “enter” on the phishing page.

The discussion about managing the impact of shorter TLS certificate lifespans began with the proposal from Google to shorten the lifespan of public-facing certificates to 90 days. And then the plot thickened when Apple jumped in with a 45-day certificate proposal. We’re not fortune tellers, but we do believe these changes, or something close to them, will happen in the not-too-distant future.

Read also: Former AT&T employee arrested for fraud, two Indians charged in fraud tech support scheme, and more.

The year 2025 marks an exciting chapter for BDRSuite as we unveil a roadmap dedicated to empowering Managed Service Providers (MSPs). With a strong emphasis on Remote Centralized Management, we aim to redefine the managed backup experience for MSPs. Additionally, our roadmap introduces new features and enhancements focusing on ransomware protection, virtual environments (Proxmox VE, oVirt, KVM) and latest security updates, addressing evolving market demands and user needs.