Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

bluevoyant

The OtterCookie Matryoshka

Apr 21, 2026 By Curt Buchanan In BlueVoyant
Over the past month, the cybersecurity community has published isolated reports detailing disparate attacks by the North Korean state-aligned threat group Shifty Corsair (also known as FAMOUS CHOLLIMA). While individual vendors have documented specific supply chain poisons or targeted spear-phishing campaigns, the Threat Fusion Cell (TFCTI) at BlueVoyant has synthesized these findings to reveal a much larger, coordinated offensive.
Read Post
Featured Post
Iranian Cyber Threats, Geopolitics and the New Cyber Reality

Iranian Cyber Threats, Geopolitics and the New Cyber Reality

Apr 13, 2026 By Robert Hannigan, Chairman of International Business In BlueVoyant
In recent weeks, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and the National Cyber Security Centre (NCSC) have all issued warnings about the growing risk of cyber activity attributed to Iranian-aligned actors. Their message is clear: the geopolitical situation is volatile, and organisations should assume they may be in scope for retaliation. The agencies all highlight similar weaknesses being repeatedly exploited: unpatched vulnerabilities, weak identity controls, and exposed remoteaccess services.
Read Post
bluevoyant

Using Agentic AI to Scale Threat Detection in Healthcare

Apr 6, 2026 By BlueVoyant In BlueVoyant
For every human in a healthcare organization, there are 82 machine identities—service accounts, API keys, cloud functions, medical devices.2 That's the 82:1 ratio, and it means your team is fundamentally outnumbered. The Change Healthcare breach in 2024, which started with one unprotected Citrix credential and disrupted 40% of US claims processing,1 showed exactly what happens when that ratio goes unmanaged. The numbers back this up.
Read Post
bluevoyant

Unpacking Augmented Marauder's Multi-Pronged Casbaneiro Campaigns

Mar 31, 2026 By Thomas Elkins and Joshua Green In BlueVoyant
BlueVoyant researchers have uncovered a broad, multi-pronged phishing campaign targeting Spanish-speaking users in organizations across Latin America and now Europe as well. While recent industry intelligence heavily documented attacks utilizing WhatsApp to deliver banking trojans under the umbrella of the Brazil-based eCrime group Augmented Marauder (a.k.a.
Read Post
bluevoyant

Four Excuses That Are Leaving Your Data Exposed to AI Risk

Mar 26, 2026 By Tara Ragan In BlueVoyant
The generative AI revolution isn't on the horizon. It's already reshaping the way your employees work. Across every industry, workers are adopting AI-powered productivity tools at a pace that far outstrips most organizations' security and governance programs. The question is no longer whether your organization will use AI, but whether you're prepared to use it securely. The challenge is real, but so are the misconceptions that keep organizations from taking action.
Read Post
bluevoyant

BlueVoyant TPRM Is Now Available on Google Cloud Marketplace

Mar 24, 2026 By BlueVoyant In BlueVoyant
We're excited to announce that BlueVoyant's Third-Party Risk Management (TPRM) solution is now available on Google Cloud Marketplace. This milestone makes it easier than ever for organizations to purchase, deploy, and start managing supply chain cyber risk while getting more value from their existing Google Cloud Platform (GCP) investment.
Read Post
bluevoyant

Microsoft 365 E7 Is Here: 10 Questions Every Security Leader Needs Answered

Mar 20, 2026 By Micah Heaton In BlueVoyant
Microsoft 365 E7 launches May 1, 2026. At $99 per user per month, it is the most complete Microsoft enterprise license ever shipped. It bundles E5, Copilot, Entra Suite, and the new Agent 365 into a single SKU. We have fielded hundreds of questions from customers about what E7 means for their security posture, their licensing strategy, and their AI readiness. Here are the 10 questions that come up the most, answered from a security partner perspective.
Read Post
bluevoyant

Microsoft Purview Brings AI Readiness, Data Security, and Continuous Compliance

Mar 19, 2026 By Dan Petrillo In BlueVoyant
Microsoft Purview is a powerful platform, but power without expertise can lead to underutilization, misconfiguration, and missed opportunities. Across industries, organizations are grappling with a common set of challenges: The stakes are high. A single compliance incident can cost organizations between $100,000 and $5 million in fines and penalties. And that figure doesn't account for the reputational damage, operational disruption, and remediation costs that follow.
Read Post
Featured Post
Managing Persistent Exposure: Why APT Defence Requires a Strategic Shift

Managing Persistent Exposure: Why APT Defence Requires a Strategic Shift

Mar 17, 2026 By Lorri Janssen-Anessi, Director of External Cybersecurity Assessments In BlueVoyant
Most organisations are wellequipped to respond to visible cyber incidents such as ransomware attacks, service outages, alert surges, or public disclosures. These events trigger established response processes: there is a clear catalyst, an observable impact, and a defined operational playbook.
Read Post
bluevoyant

New A0Backdoor Linked to Teams Impersonation and Quick Assist Social Engineering

Mar 6, 2026 By Thomas Elkins and Joshua Green In BlueVoyant
BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) continue to track an activity cluster that uses email bombing and IT-support impersonation over Microsoft Teams to obtain Quick Assist access, then pivot to a deeper attack. This research shows that once on the victim’s host, the actors sideload a malicious DLL to deliver a new backdoor BlueVoyant has dubbed the A0Backdoor.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.