By Curt Buchanan
Over the past month, the cybersecurity community has published isolated reports detailing disparate attacks by the North Korean state-aligned threat group Shifty Corsair (also known as FAMOUS CHOLLIMA). While individual vendors have documented specific supply chain poisons or targeted spear-phishing campaigns, the Threat Fusion Cell (TFCTI) at BlueVoyant has synthesized these findings to reveal a much larger, coordinated offensive.
In recent weeks, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and the National Cyber Security Centre (NCSC) have all issued warnings about the growing risk of cyber activity attributed to Iranian-aligned actors. Their message is clear: the geopolitical situation is volatile, and organisations should assume they may be in scope for retaliation. The agencies all highlight similar weaknesses being repeatedly exploited: unpatched vulnerabilities, weak identity controls, and exposed remote access services.
By BlueVoyant
For every human in a healthcare organization, there are 82 machine identities—service accounts, API keys, cloud functions, medical devices. That's the 82:1 ratio, and it means your team is fundamentally outnumbered. The Change Healthcare breach in 2024, which started with one unprotected Citrix credential and disrupted 40% of US claims processing, showed exactly what happens when that ratio goes unmanaged. The numbers back this up.
BlueVoyant researchers have uncovered a broad, multi-pronged phishing campaign targeting Spanish-speaking users in organizations across Latin America and now Europe as well. While recent industry intelligence heavily documented attacks utilizing WhatsApp to deliver banking trojans under the umbrella of the Brazil-based eCrime group Augmented Marauder (a.k.a.
By Tara Ragan
The generative AI revolution isn't on the horizon. It's already reshaping the way your employees work. Across every industry, workers are adopting AI-powered productivity tools at a pace that far outstrips most organizations' security and governance programs. The question is no longer whether your organization will use AI, but whether you're prepared to use it securely. The challenge is real, but so are the misconceptions that keep organizations from taking action.
By BlueVoyant
We're excited to announce that BlueVoyant's Third-Party Risk Management (TPRM) solution is now available on Google Cloud Marketplace. This milestone makes it easier than ever for organizations to purchase, deploy, and start managing supply chain cyber risk while getting more value from their existing Google Cloud Platform (GCP) investment.
By Micah Heaton
Microsoft 365 E7 launches May 1, 2026. At $99 per user per month, it is the most complete Microsoft enterprise license ever shipped. It bundles E5, Copilot, Entra Suite, and the new Agent 365 into a single SKU. We have fielded hundreds of questions from customers about what E7 means for their security posture, their licensing strategy, and their AI readiness. Here are the 10 questions that come up the most, answered from a security partner perspective.
By Dan Petrillo
Microsoft Purview is a powerful platform, but power without expertise can lead to underutilization, misconfiguration, and missed opportunities. Across industries, organizations are grappling with a common set of challenges: The stakes are high. A single compliance incident can cost organizations between $100,000 and $5 million in fines and penalties. And that figure doesn't account for the reputational damage, operational disruption, and remediation costs that follow.
Most organisations are well-equipped to respond to visible cyber incidents such as ransomware attacks, service outages, alert surges, or public disclosures. These events trigger established response processes: there is a clear catalyst, an observable impact, and a defined operational playbook.
BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) continue to track an activity cluster that uses email bombing and IT-support impersonation over Microsoft Teams to obtain Quick Assist access, then pivot to a deeper attack. This research shows that once on the victim’s host, the actors sideload a malicious DLL to deliver a new backdoor BlueVoyant has dubbed the A0Backdoor.
By BlueVoyant
Discover BlueVoyant's highly customizable, AI-driven questionnaire platform that automates assessment creation and distribution.
By BlueVoyant
BlueVoyant has guided hundreds of clients to assess, deploy, and optimize their Microsoft security products. Our sessions are personalized one-on-one engagements where we analyze your unique environment, provide insights and guidance, and help you make data-backed decisions about your next Microsoft Security investment. Optimize security and potentially save up to 60% - Consolidate your solutions with Microsoft, get more out of E5, leverage compliance and security add-ons.
By BlueVoyant
Secure your vendor and partner ecosystem in five easy steps with BlueVoyant Supply Chain Defense.
By BlueVoyant
In today's increasingly hostile threat landscape, organizations are grappling with a lack of resources and overworked security operations teams, making effective, full-coverage threat detection and response a significant challenge. BlueVoyant Managed Detection & Response provides a cloud-native solution that offers end-to-end consulting, implementation, and managed security services with 24x7 security threat detection and response.
By BlueVoyant
The BlueVoyant Cyber Defense Platform helps secure Azure, Microsoft 365, and hybrid cloud environments. We're trusted by more than 1,000 clients in 40-plus countries.
By BlueVoyant
Identify gaps and achieve NIS2 readiness with BlueVoyant.
By BlueVoyant
Discover how to unleash the full capabilities of your Microsoft Security tools and optimize your Copilot experience with BlueVoyant.
By BlueVoyant
Seamlessly integrate internal, supply chain, and external cyber defenses.
By BlueVoyant
Discover how supply chain cyber breaches are impacting global organizations in BlueVoyant's fourth annual survey into supply chain cyber risk management.
By BlueVoyant
Businesses operating within the EU must prepare to comply with the stringent requirements of NIS2. Failure to do so could result in significant penalties, highlighting the urgency for organisations to act swiftly. NIS2 introduces new requirements in areas such as risk management, corporate accountability, reporting obligations, and business continuity.
By BlueVoyant
In today's connected world, there's no shortage of entry points into financial institutions. From online banking websites to mobile apps, these crucial parts of a business are also easy targets. Taking a proactive approach to protect your customers' assets and your brand is the answer, but where do you start?
By BlueVoyant
Your business is your castle. Once upon a time, you could keep it safe by constructing strong walls, posting a few guards at the door, raising the drawbridge, and digging a deep moat around it. That's now the stuff of fairy tales. Today's networks simply can't be locked down due to the nature of business itself. The perimeter that was once contained to a single building now spreads as far as your furthest third-party connection or remote employee. And while your business benefits from this greater flexibility and increased operational efficiency, so do the cybercriminals.
By BlueVoyant
When it comes to designing or improving upon your organization's security program, one key area to focus on and include is cyber resilience. Either as a complementary stand-alone program or embedded into an existing cyber defense program, cyber resilience refers to a company's ability to continue business operations and outcomes in spite of cyber attacks or events.
By BlueVoyant
In the past few years, third-party cyber attacks have imparted financial and reputational damage to every sector, from banks to healthcare systems to governments. The average cost of a third-party data breach in 2021 was $4.33 million, according to a report from IBM and the Ponemon Institute. While CISOs are well aware of the potential supply chain devastation from attacks, preventing them has been a challenge. In this white paper, we'll walk through three third-party breach scenarios, including real-world examples, offering practical solutions to prevent such attacks.
A comprehensive security operations platform empowered by AI to enable uninterrupted protection against potential threats.
BlueVoyant combines internal and external cyber defense capabilities into an outcomes-based, cloud-native cybersecurity solution by continuously monitoring your network, endpoints, attack surface, and supply chain, as well as the clear, deep, and dark web for threats.
BlueVoyant Cyber Defense Platform:
- Detection & Response: Protect your endpoints, network, and cloud from sophisticated threats while leveraging your existing security tool investments — EDR, SIEM, others.
- Supply Chain Defense: Rapidly identify and drive remediation of critical cybersecurity issues in your third-party ecosystem, including zero-day and emerging vulnerabilities.
- Digital Risk Protection: Detect and eliminate cyber threats originating in the clear, deep, and dark web before they impact your business and customers.
- Cyber Posture Management: Systematic approach that involves the continuous measurement, management, and mitigation of cyber risk.
- Proactive Defense: Collaborative and holistic approach to attack surface management that includes vulnerability management, penetration testing, phishing awareness, dark web threat research, and configuration management.
Seamless AI-driven internal, external, and supply chain cyber defense, all within one powerful Security Operations Platform.