Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Success in threat hunting is vastly different from incident response. Incident responders can measure success in criteria like ticket volume, mean time to close, or escalations. For threat hunting, the number of hunts vs. incidents is not comparable because hunts take longer, and the average time to complete a hunt can vary wildly. More importantly, most hunts will not result in incidents. We can’t use the same metrics! Our critical metrics of success are our outputs/deliverables and documentation.

Blockchain innovation is accelerating, offering new opportunities for developers to create secure applications. However, integrating blockchain infrastructure is getting increasingly complex. With more fragmentation, developers often have to juggle multiple tools, workarounds, and technical intricacies to manage network data, retrieve asset properties, and execute transactions effectively. This slows down innovation, increases operational overhead, and diverts focus from building great products.

At Denver's SnowFROC, security pros tackled the importance of OWASP’s evolving Top 10 and exposed the current shortcomings of AI-generated code for production systems.

Fraud is built on deception, and third-party fraud is no exception. In this type of fraud, attackers use stolen or synthetic identities to impersonate legitimate customers and gain unauthorized access to accounts, services, or funds. By exploiting the trust between businesses and their customers, fraudsters bypass traditional security measures, making third-party fraud a growing threat in an era of automated attacks and large-scale data breaches.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! When a company goes under data theft is a concern, but when one has highly sensitive information…

When you type a familiar website address in your web browser, you expect to land on a particular webpage, but what if you are redirected to a fake website designed to steal your sensitive data? Cyber attackers trick your internet settings into sending you to fake websites instead of the real ones. This is called a DNS spoofing or poisoning attack which exploits vulnerabilities in the Domain Name System (DNS) to compromise the entire network.

Traditional on-premises identity management solutions are no longer adequate to support small and midsize organizations. Moreover, modern Cloud alternatives have significantly eased the complexity and inefficiencies of premises-based identity management.

INKY has published its annual report on email security, finding that phishing accounted for 30% of all reported cybercrimes last year. “Phishing threats grew in both volume and sophistication, introducing new attack vectors like QR codes, cross-site scripting, and weaponized file types (e.g., RTF and DOT),” the report says. “Cybercriminals also increasingly exploited trusted services such as DocuSign and PayPal, underscoring the urgent need for adaptive, robust security solutions.”

A KnowBe4 Threat Lab Publication Authors: By James Dyer, Threat Intelligence Lead at KnowBe4 and Lucy Gee, Cybersecurity Threat Researcher at KnowBe4 On March 3, 2025, the KnowBe4 Threat Labs team observed a massive influx of phishing attacks originating from legitimate Microsoft domains. KnowBe4 Defend detected activity starting on February 24th, with a peak on March 3rd, when 7,000 attacks from microsoft-noreply@microsoft.com were recorded within a 30-minute window.

Networking and infrastructure and operations (I&O) teams often feel that they are facing contradictory challenges. They are expected to manually maintain the complex legacy infrastructure that keeps the business running, while also finding capacity and licence to help their organizations innovate at a time of rapid technological change.