Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from December.

Subdomain takeover is a serious risk for organizations with a large online presence (which is a lot of businesses in 2025!). A domain name is the starting point of your company’s online identity, encompassing the main and subsidiary websites—serving as the organization’s business card, storefront, and a central hub for commercial activities. For SaaS providers and tech solution vendors, domains also form a critical component of their product offerings.

Cyber threats are more sophisticated, pervasive, and frequent than ever before. As a result, traditional methods for network security are becoming obsolete. These solutions simply cannot handle the extraordinary scale and complexity of network traffic inherent in modern IT environments. AI-driven solutions, however, can.

Enterprises expanding their operations often face the challenge of also ensuring seamless and secure connectivity in China, a critical market with unique regulatory and network challenges. Businesses entering this vast market often face three primary obstacles: These challenges can hinder productivity, stall digital transformation, and overwhelm IT teams. The question is clear: how can enterprises achieve secure, seamless, and compliant connectivity in this complex digital environment?

While Exponential Organizations (ExOs) are transforming industries beyond the tech space, that doesn’t mean that they are not susceptible to an increasing number of cyber threats. As ExOs harness innovative and cutting-edge technologies to drive transformative growth, the ability to respond effectively and proactively to cyber incidents becomes increasingly vital.

Factors such as scalability, budget, and security must be considered for businesses considering their cloud storage and data management needs. Still, one of the most crucial factors that must be accounted for is what compliance standards must be met. Compliance with GDPR, HIPPA, SIEM, or other bodies ensures the organization adheres to legal, regulatory, and industry standards that are met to protect sensitive data.

PCI DSS 4 Compliance requires a clear understanding of the latest requirements, particularly Requirement 6.4.3 and 11.6.1, which emphasize the importance of JavaScript monitoring for maintaining secure payment environments. For AppSec, Infosec, or ISA/QSA professionals, staying on top of PCI DSS 4.0.1 can feel overwhelming, but protecting payment card data leaves no room for errors.

Cybersecurity authorities continuously grapple with the challenges posed by sophisticated cyberattacks. Palo Alto Networks has lately preached a critical denial-of-service (DoS) vulnerability in its PAN-OS software. Tracked as CVE-2024-3393, this critical vulnerability (CVSS score: 8.7) poses serious risks to enterprises relying on PAN-OS and Prisma Access for their cybersecurity infrastructure.

A Privileged Identity Manager (PIM) is essential for securing an organization’s most sensitive data and systems by managing, monitoring, and controlling privileged access. In this article, we’ll explore how PIM works, its key features like Just-in-Time access and Detailed Access Reports, and its importance for enterprise security, compliance, and operational efficiency.

When building applications in Tines, you want an interactive and personalized experience for the end user. Level up your Tines pages by allowing users to search for available options in a field or select multiple items in a table. Learn more about page customization →