Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We’re excited to share that Splunk Attack Analyzer recently introduced the ability to translate content and achieved SOC 2 Type II certification.

Every time someone asks me about building their AI policy, I die a little inside. Not because it’s a bad question, but because my answer is always the same: “Can we not build it off pure fear for once?” Most people don’t understand how AI architecture works, so their first instinct is to panic. And, we’ve seen this movie before: cloud, mobile, bring your own device (BYOD).

Five centuries after the printing press was invented, the digital age began. With significant revolutions in knowledge dissemination, the era taking place now has seen vast amounts of information become instantly accessible. Whilst this is generally seen as a positive in most countries worldwide, malicious intentions persist across the digital world.

Arctic Wolf has recently observed a campaign targeting the legal industry using a combination of brute-force and spearphishing techniques. Threat actors initially attempted to brute-force multiple user accounts. After those efforts were unsuccessful, they pivoted to spearphishing by sending spoofed emails that appeared to originate from internal users. These emails used the subject line “Reminder-Your-to-do-list” and contained a malicious.HTM attachment.

In the cybercrime ecosystem, innovation often comes in disturbing forms. The ransomware group Qilin—already notorious for offering a full suite of extortion tools to affiliates—has introduced a new feature that elevates psychological warfare to a new level: a “Call a Lawyer” button. This isn’t satire. This is real social engineering, now backed with actual legal threats.

June 2025 has seen WhatsApp back in the headlines—this time for all the wrong reasons. Earlier this month, The National broke the story: WhatsApp’s security is under renewed scrutiny following revelations that Israel remains the only known actor to have successfully exploited it. But if history has taught us anything, it’s this: if one nation-state can do it, others may follow. At Appknox, we decided to verify the current state of WhatsApp’s mobile app security for ourselves.

Omdia, a global analyst and advisory leader, recently released a report called “How Extended Access Management (XAM) closes the gaps in security.” This report describes how existing approaches to access management have failed to address the security, budgetary, and compliance risks posed by unmanaged identities, applications, and devices.

In this article Businesses looking for serious compliance street cred often turn first to ISO 27001. ISO 27001 is a globally recognized framework that outlines and defines information security management system (ISMS) requirements. Because being ISO 27001 certified demonstrates an organization meets best practices for information security, ISO certification can give businesses a significant competitive advantage. If you’re weighing ISO 27001 vs.