Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Silent Ransom Group "Call-back" Phishing Campaign

Arctic Wolf has observed an uptick in activity from the Silent Ransom Group, a cybercriminal group first identified in 2020 and notorious for its targeted cyber extortion campaigns driven by financial gain. This week, the group has been targeting the legal industry using “call-back” phishing tactics. The group sends emails impersonating services such as Duolingo or Masterclass, claiming a pending charge and urging recipients to call a phone number to resolve the issue.

From Zero to Hero: Master Kubernetes Backup with Palette VMO by Spectro Cloud

Kubernetes has become the foundation for modern applications—but with great flexibility comes greater complexity and risk. Whether it’s an accidental misconfiguration, a failed update, or a cluster-wide outage, disruptions happen fast—and when they do, they impact both your containers and the virtual machines (VMs) running alongside them. In these high-stakes moments, your recovery plan is what makes the difference between a brief hiccup and a full-blown disaster.

The Data Sovereignty Imperative: The Business Value of Data Protection

Data and proactive insights garnered therein are vital strategic assets in the modern digital era. Amidst this backdrop, global regulations notably starting with the European Union (EU) Global Data Protection Regulation (GDPR) have become the vanguard to: It’s important to note too, that data sovereignty enables individual ownership of data and supports individuals to fully control how it is used while assuring that their data is protected in compliance with local regulations.

Keeper Recognized as a Global Cybersecurity Leader, G2 Spring 2025 Reports

Keeper Password Manager was rated as a leading enterprise, mid-market and small business password manager for Spring 2025 by users on G2, the world’s largest and most trusted software marketplace. Within the Spring 2025 report cycle, Keeper earned a G2 Milestone Badge, surpassing 1,000 reviews from a variety of customers, including Small Business, Mid-Market and Enterprise end users and admins alike.

Threat Monitoring for Superannuation Security

On April 4, 2025, The Australian Financial Review reported on a set of credential abuse attacks targeting multiple Austrian superannuation funds. These attacks were not breaches of the infrastructure of those companies, but compromises of individual customer accounts via stolen credentials. How were those customer credentials stolen?

What is NIS 2? A guide to navigating compliance requirements

The Network and Information Security (NIS) directive was introduced in 2016 to outline cybersecurity obligations across the EU and enable operational resilience for in-scope organizations. In 2020, the European Commission proposed the directive’s revision, which led to the formal adoption of NIS 2 in 2022. ‍ In this guide, we answer the common question of organizations impacted by the directive—What is NIS 2?

ISO 27001 and NIS 2: Key differences explained

ISO 27001 is a globally recognized standard for building robust information security management systems (ISMS). The standard is closely aligned with NIS 2—a mandatory EU directive designed to fortify the cybersecurity posture of critical infrastructure among Member States. ‍ These two frameworks form a unique symbiotic relationship due to the potential overlap in the requirements and controls.

Tycoon2FA New Evasion Technique for 2025

The Tycoon 2FA phishing kit has adopted several new evasion techniques aimed at slipping past endpoints and detection systems. These include using a custom CAPTCHA rendered via HTML5 canvas, invisible Unicode characters in obfuscated JavaScript, and anti-debugging scripts to thwart inspection. This blog takes a closer look at these methods to better understand how this kit is evolving and what defenders should be aware of.

The malware dating guide: Understanding the types of malware on NPM

The Node ecosystem is built on a foundation of trust — trust that the packages you npm install are doing what they say they do. But that trust is often misplaced. Over the past year, we’ve seen a disturbing trend: a rising number of malicious packages published to npm, often hiding in plain sight. Some are crude proof-of-concepts (PoCs) by researchers, others are carefully crafted backdoors.