Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

EncryptHub, a rising cybercriminal entity, has recently caught the attention of multiple threat intelligence teams, including our own (Outpost24’s KrakenLabs). While other reports have begun to shed light on this actor’s operations, our investigation goes a step further, uncovering previously unseen aspects of their infrastructure, tooling, and behavioral patterns.

Today, Outpost24 is excited to announce the launch of its new CyberFlex solution, a flexible combination of ASM and PTaaS. With two-thirds of organizations having experienced a cyberattack via unmanaged internet-facing assets, the CyberFlex solution provides an unmatched approach to the comprehensive discovery, risk management, and protection of all your external-facing applications.

Security through obscurity is based on the idea that if attackers don’t know how a system works or even if it exists, they’ll have a harder time breaching it. Despite repeatedly broken implementations and lacking support from standards bodies, this concept continues to be widely used. Secret doesn’t always mean safe – and it can even give a false sense of security.

On January 14th, 2025, Belsen Group emerged in the underground forum Breach Forums publishing a list of sensitive data extracted from vulnerable Fortinet FortiGate devices. Since then, they have expanded their malicious activities into acting as initial access brokers. Who are they and what do we know about them? In this blog we’ll give you the lowdown on an ambitious new threat group to be aware of.

In the context of penetration (pen) testing, false positives are where the testing tools or methods identify a security vulnerability or issue that doesn’t actually exist. Essentially, a false alarm. This can happen for a few reasons, such as misconfigurations in the testing tools, incorrect assumptions, or environmental factors.

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from January.

Starting a security program can be challenging for some organizations, especially running a mature program across a large business. Resourcing, lack of organization, and not having a clear remediation strategy are key aspects to the failure of some programs, which can all result in severe breaches of businesses. I’ll walk through seven steps that will help ensure your program is a success and also give a quick overview of how Outpost24’s Managed Services can support your efforts.

We’ve asked Outpost24’s CISO, Martin Jartelius, what 2025 is likely to hold for organizations using attack surface management (ASM) tools. Here’s what Martin had to say about what he predicts for ASM in 2025, as well as some thought on how the CISOs role might change.

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from December.

Subdomain takeover is a serious risk for organizations with a large online presence (which is a lot of businesses in 2025!). A domain name is the starting point of your company’s online identity, encompassing the main and subsidiary websites—serving as the organization’s business card, storefront, and a central hub for commercial activities. For SaaS providers and tech solution vendors, domains also form a critical component of their product offerings.