Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Historically, software vendors that detect various types of data in customers’ environments have relied heavily on rudimentary methods for identifying that data. One of the most popular methods for identifying the presence of any particular type of data is using regular expressions and, admittedly, Riscosity started off doing the same several years ago.

Cybersecurity has long focused on fortifying networks, securing endpoints and blocking malicious code. Yet one of the most persistent and costly security vulnerabilities isn’t technical — it’s human. Employees routinely fall for phishing scams, mishandle sensitive data or unintentionally violate security policies. While most people don’t mean to cause harm, their behavior still introduces significant cyber risk to the organization.

Cybersecurity researchers uncovered what is being called the "mother of all breaches," a colossal dataset containing 16 billion login credentials, including user passwords for Google, Facebook, and Apple. To put that figure in context, the cache represents twice the current human population of the Earth. This event was not the result of a single breach, but likely a compilation of data stolen from multiple breaches over many years.

As a security leader, you face an inevitable daily reality: a flood of alerts pouring in from dozens of different tools. Risky sign-ins are flagged in Microsoft 365, weak passwords are pinged from a vault audit, and a separate report identifies which employees failed the latest phishing simulation. While all this information is valuable, most leaders are unable to connect these separate data points to paint a clear, cohesive picture of an individual user’s overall risk.

Threat actors know that technology makes the world go round, and these adversaries are more than willing to use every cyber weapon at their disposal to take advantage of that fact, according to Trustwave SpiderLabs’ 2025 Trustwave Risk Radar Report: Technology Sector.

Ransomware attacks are surging, and Bitsight data shows just how dramatic the rise has been. Our cyber threat intelligence (CTI) researchers observed a nearly 25% increase in unique ransomware victims listed on leak sites in 2024.

Domain-name system (DNS)- based cyber attacks are becoming increasingly complex, and AI will only make managing them even more challenging. According to a recent report, Chief Information Security Officers (CISOs) anticipate a tumultuous season of cyber threats, with low confidence in their abilities to defend against them effectively.

Trustwave SpiderLabs' upcoming report, the 2025 Trustwave Risk Radar Report: Technology Sector, will be released on June 25 and will delve into the threats in the technology industry and how to stay secure. The report, an update on the team’s 2024 Technology Threat Intelligence Briefing and Mitigation Strategies, provides a comprehensive analysis of novel cybercriminal tactics and techniques, identifying the top trends that significantly affect the technology industry.

The cybersecurity landscape has reached a turning point. In this article, George Patsis, CEO of Obrela, challenges the traditional, tool-centric approach to cyber defense and goes through Obrela’s ground breaking approach to: real-time risk management. With cyber threats growing more complex and unpredictable, organizations must shift from reactive threat detection to a context-aware, business-aligned risk management.