Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As noted in the just-released Trustwave SpiderLabs report, 2025 Trustwave Risk Radar Report: Manufacturing Sector, modern manufacturing systems are increasingly interconnected, creating fertile ground for cybercriminals. The report details the weaknesses attackers exploit in infrastructure, workers, and the digital supply chain. Among the various tactics observed, vulnerability exploitation stood out due to its prevalence and potential impact.

Infostealers have dominated the malware landscape due to the ease of threat operations maintenance, and a wide group of potential victims. In this blog, we take a closer look at a unique infostealer designed to precisely target a narrow data set on systems located in chosen geographic locations. The Strela Stealer (rus. Cтрела, lit. 'Arrow') is an infostealer that exfiltrates email log-in credentials and has been in the wild since late 2022.

Awarded for outstanding protection, performance, and minimal false positives. Elastic Security has earned AV-Comparatives’ 2024 Approved Product Award in the Enterprise Main-Test Series. The honor reflects its outstanding malware defense, optimal system performance, and minimal false positives. Excelling across protection, performance, and false-positive benchmarks, Elastic Security has proven its ability to safeguard organizations without compromise.

According to IBM’s Cost of a Data Breach Report 2024, the average cost of a single data breach reached an all-time high of $4.88 million last year, driven by increased revenue loss, operational downtime, customer churn and regulatory fines, among other factors. As frequent targets of cybercriminals, finance services companies face especially high risks – and the consequences of a successful breach can be particularly damaging from both reputational and compliance perspectives.

On March 4, 2025, Broadcom, which acquired VMware in 2023, released security updates to fix three actively exploited vulnerabilities in VMware ESXi, Workstation, and Fusion that could result in code execution and information disclosure. CVE-2025-22224 is a critical TOCTOU (Time-of-Check Time-of-Use) race condition vulnerability that leads to an out-of-bounds write, allowing an attacker with administrative privileges on a virtual machine to execute code as the VMX process on the host.

In recent years, Transformer models have been the backbone of the revolution within the artificial intelligence sector. They are the basis of large language models (LLMs) and responsible for LLMs’ ability to understand and generate text of a human-like quality. Transformers are able to learn long-range interactions between words and sentences, allowing them to retain high-level concepts and insights into their training data.

The Payment Card Industry Data Security Standard (PCI DSS) is a global security framework established by major credit card brands that outlines security requirements for any organization handling cardholder data, including encryption, access control, and network security. PCI DSS is regularly updated, and Version 4.0, effective March 2025, focuses on allowing organizations to tailor security controls to their specific needs.

Up to 27 days to fix a leaked secret? We feel your pain. Explore how contextual secrets management helps you take control, cut remediation time, and strengthen your security posture. Don't just detect, understand your secrets.

With collaboration and efficiency a top priority, Egnyte’s partnership with Microsoft is revolutionizing the way teams work together. Many organizations are already leveraging Microsoft Office products, and now it’s easier than ever for them to streamline their procurement process and get the most out of their technology investments. Starting today, Egnyte is available through the Microsoft Azure Marketplace!

Ransomware-as-a-service is a business model where ransomware operators and third parties, called “affiliates,” work together to launch ransomware attacks. RaaS was first identified in 2012 with the Reveton ransomware strain, and in the subsequent decade it has exploded into a sophisticated and ever-evolving cybercrime tactic.