Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Automating secrets rotation requires maturity and planning. Let's look at how to inventory, scope, and secure credentials without risking downtime or vulnerabilities.

By James Rees, MD, Razorthorn Security The landscape of cybersecurity awareness has changed dramatically in the last 25 years. What began as simple password guidance and basic IT training has evolved into a complex web of security challenges that organisations must navigate daily. Back in December 1999, the world held its breath waiting for the Y2K bug to wreak havoc on computer systems globally.

Managing vendor security is a growing challenge for MSPs. Clients expect you to deliver enterprise-grade protection across their entire supply chain. However, many struggle with limited resources, manual processes, and the complexity of addressing third-party risks. SecurityScorecard MAX turns this challenge into an opportunity, helping you protect your clients while driving recurring revenue for your business.

Businesses are turning to structured cybersecurity approaches like the NIST Cybersecurity Framework (CSF) to protect data from breaches. Especially since the latter’s cost is expected to reach $10.5 million in 2025. The CSF’s core functions (Govern, Identify, Protect, Detect, Respond, Recover) can help mitigate digital risks.

Are you concerned about the security of your AWS environment? With over 73% of businesses having at least one critical security misconfiguration, it's essential to take proactive measures to protect your data and applications. While AWS is responsible for the security of the underlying infrastructure, you are responsible for securing your data and applications in the cloud.

This year, organizations increasingly recognized the importance of cybersecurity automation. According to our 2024 Evolution of Cybersecurity Automation Adoption report, 80% of senior cybersecurity professionals now consider automation crucial, up from 75% last year. Notably, 39% have secured new budgets specifically for automation, highlighting a strategic shift towards more efficient and scalable security operations.

APIs (Application Programming Interfaces) have become the backbone of modern digital ecosystems, enabling seamless integration and data exchange between a wide array of applications and services. From ordering meals through food delivery apps to accessing real-time weather updates, APIs underpin countless daily interactions. However, the very attributes that make APIs so indispensable – their ubiquity and high functionality – also render them appealing targets for malicious actors.

Hellcat ransomware emerged in early November 2024 and quickly became a notable threat in the cybersecurity landscape. The group first gained attention on November 6, 2024, when it claimed responsibility for a cyberattack against Schneider Electric. Known for its aggressive tactics and unique ransom demands, Hellcat is already making its mark in the world of ransomware.

Keeper Security’s Risk Management Dashboard delivers a streamlined view within the Keeper Admin Console to quickly and easily give administrators visibility into their organization’s Keeper configuration practices and compliance posture. The Risk Management Dashboard leverages an outlined set of Keeper Security Benchmarks to keep organizations compliant and safe.

Scammers are abusing Google ads to target users searching for help with printer problems, according to researchers at Malwarebytes. The malicious ads claim to offer tech support for installing drivers used by HP and Canon printers. “After clicking on a malicious ad, the website instructs you to enter your printer’s model number in order to download the required driver, which it proceeds to ‘install,’” the researchers write.