Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI is powering a new wave of ransomware. Learn how Avast stopped FunkSec's attack and how you can protect your files from evolving cyber threats. Ransomware has long been one of the most feared cyber threats on the internet, and for good reason. It’s fast, disruptive, and increasingly effective at locking up your most important files and demanding payment in exchange for their return. It’s not just businesses that get hit, either.

The majority of web experiences are currently developed with Single Page Applications to offer a fast, seamless, and undeniably effective user experience. Frameworks such as REACT, Angular, and Vue.js have turned the browser into an application runtime rather than a passive page loader. Nevertheless, this transition is associated with a security price that most teams continue to underestimate. Dynamic Application Security Testing (DAST) tools were designed to work with simpler web applications.

Today’s security operations centers (SOCs) are under more pressure than ever. The number of alerts is growing. Threats are more complex. And security teams are expected to detect, investigate, and respond to incidents faster, all while grappling with talent shortages and limited resources. Generative AI is emerging as a critical enabler in this environment.

Omdia, a global analyst and advisory leader, recently released a report called “How Extended Access Management (XAM) closes the gaps in security.” In it, they describe how existing tools have failed to address the most serious security challenges: application sprawl, device sprawl, and identity sprawl.

Most Microsoft 365 users aren’t aware of this recently growing serious email threat vector. I have been teaching about the risks of Microsoft email rules, forms and connectors on email clients and servers for decades. Both can be created by an attacker learning your email address and logon credentials (e.g., password or MFA codes).

Symmetric cryptography powers everything from HTTPS to JWT tokens, but key management remains a significant challenge. This developer guide covers three critical use cases—session keys, self-use keys, and pre-shared keys—with practical strategies for secure generation, rotation, and storage.

By 2025, non-human identities (like service accounts, API keys, and bots) will outnumber human identities by 45:1 in cloud environments. Yet many organizations still rely on static IAM roles and manual provisioning, leaving them exposed to credential sprawl, insider risk, and compliance violations. That’s where modern Enterprise Identity Management (EIM) comes in. Enterprise software development is increasingly cloud native.

If you’re a security vendor and you get breached, you’re not just another victim; you’re a failed promise. A broken fire alarm in a burning building. When Okta disclosed a breach in October 2023, its stock dropped nearly 11%, wiping out close to $2 billion in market cap in a single day – a stark reminder of how quickly trust evaporates.