The Cyber Resilience Act and DORA: Driving Continuous Cybersecurity

The EU Cyber Resilience Act (CRA) and the Digital Operational Resilience Act (DORA) are shaping the regulatory landscape for cybersecurity in Europe and across the globe. While DORA focuses on the financial sector and ICT providers, the upcoming CRA will extend requirements to all digital products and services, emphasizing secure-by-design practices and software resilience.

Scattered Spider: What You Need to Know

Founded around 2022, Scattered Spider is a well-known group of young, English-speaking threat actors believed to be from the US and UK. The group—which has some members as young as 16—first gained global recognition in September 2023 when they successfully hacked the internal systems of both Caesars Entertainment and MGM Resorts, obtaining sensitive data they used to extort the casinos.

SafeBreach Coverage for CISA Analysis Report AR25-261A: Malicious Listener for Ivanti Endpoint Mobile Management Systems

On September 18, 2025, an Analysis Report was issued by CISA that details information about two sets of malware it obtained from an organization that was compromised during May 2025. To gain initial access, the threat actors chained together known vulnerabilities outlined in CVE-2025-4427 and CVE-2025-4428 in Ivanti Endpoint Manager Mobile (Ivanti EPMM) before deploying the malware, which allowed them to achieve remote code execution (RCE).

Proving DORA Requirements with the SafeBreach Platform

Complying with the Digital Operational Resilience Act (DORA) means proving that resilience is built into daily operations through ongoing, evidence-backed practices. SafeBreach, the leader in enterprise exposure validation, helps institutions meet DORA’s key requirements by simulating real-world threats across the MITRE ATT&CK framework.

Beyond the Breach: Why Continuous Automated Red Teaming (CART) is the Future of Cybersecurity

Security teams are under immense pressure. Traditional red teaming and annual penetration tests aren’t cutting it anymore. Breaches are no longer rare events; they’re expected. What matters now is what happens after the breach. Enter Continuous Automated Red Teaming (CART). CART is transforming how leading security teams approach validation, visibility, and readiness.

Countering Chinese State-Sponsored Espionage Campaigns: SafeBreach Coverage for CISA Advisory AA25-239A

In August 2025, a joint Cybersecurity Advisory (CSA) was issued by CISA, NSA, FBI, and allied cybersecurity agencies across the Five Eyes, EU, and partner nations. This advisory details a long-term espionage campaign by People’s Republic of China (PRC) state-sponsored actors—linked to companies supporting the Ministry of State Security (MSS) and People’s Liberation Army (PLA).

NIS2: Why Europe's New Cyber Directive is a Blueprint for True Cyber Resilience

A new cybersecurity reality has taken shape across Europe: the European Union’s updated Network and Information Security Directive (also known as NIS2) went into effect in January 2025. This sweeping regulation expands the cybersecurity obligations of thousands of organizations in critical sectors from energy and transport to healthcare, finance, cloud and data centers. Much like the Digital Operational Resilience Act (DORA) in the financial world, NIS2 isn’t just another compliance checkbox.

Beyond Legacy Pen Tests: What to Look for in a Modern Internal Security Validation Platform

If you’ve decided relying on annual penetration tests isn’t enough anymore (smart move), the next question is: “What’s the best way to continuously prove — and improve — our internal security posture?” There’s no shortage of platforms out there promising to be your automated red team, internal pentester, or attack-surface explorer. But dig deeper, and you’ll see not all of them are built the same.

Win-DoS Epidemic: A Crash Course in Abusing RPC for Win-DoS & Win-DDoS

A denial of service (DoS) attack is a malicious tactic used to disrupt the normal traffic of a server, service, or network. It occurs when an attacker attempts to flood a specific target server with an overwhelming number of requests to crash it or cause it to malfunction.

You Snooze You Lose: RPC-Racer Winning RPC Endpoints Against Services

The remote procedure call (RPC) protocol is one of the building blocks of Microsoft Windows and is widely used for inter-process communication between clients and servers. When RPC clients search for a server based only on a universally unique identifier (UUID) of an interface—without specifying an endpoint—they will go through the Endpoint Mapper (EPM). The EPM will connect them to an endpoint that a server registered, one that exposes the interface the clients are looking for.