Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

For the second year in a row, TMCnet, a global, integrated media company, has recognized WatchGuard EPDR + Zero-Trust Application Service with a Zero Trust Security Excellence Award. The award recognizes the leaders and pioneers in the zero trust industry offering the most innovative and effective solutions.

The Domain Name System (DNS) is a fundamental component of the Internet, translating human-friendly domain names into IP addresses that computers use to communicate. While its primary function is straightforward, DNS servers play a crucial role in both the performance and security of online activities.

APIs present a security risk—that much is a given. Attacks on APIs have caused some of the most significant security incidents of the past decades. But the question now is: How can we flip the script and leverage their power to enhance security? Bybit might just have the answer. Bybit—one of the world’s leading cryptocurrency exchanges— recently leveraged the power of an API in the wake of a devastating security breach that resulted in a staggering $1.5 billion loss.

On 11 February 2025, a Telegram user called ExploitWhispers shared a ZIP file to a Russian-language Telegram channel. The user claimed that this file contained the internal Matrix chat logs of the BlackBasta ransomware group and was captured between 18 September 2023 and 28 September 2024. The user also shared information about some of the BlackBasta members, including one of the operation’s admins, the group’s administrator, and leader Oleg Nefedov.

Cyjax monitors and analyses the initial access broker (IAB) market on the most prominent cybercriminal forums. As noted in Cyjax’s 2024 IAB market in review, it is almost certain that extortion groups, APTs, data brokers, and other threat groups use IABs to gain initial access to targeted networks. Though at first glance it is not immediately obvious how important the IAB market is to the threat landscape, Cyjax has conducted a deep analysis of public IAB listings and extortion group DLSs.

Security Operations Centre (SOC) analysts are at the forefront of cybersecurity defence, managing thousands of alerts every day. The overwhelming volume of these notifications makes it increasingly difficult to distinguish legitimate threats from false positives, leading to analyst burnout and operational inefficiencies. Studies show that up to 62% of alerts are ignored, resulting in missed threats and the further weakening of an organisation’s security posture.

As we stand on the brink of the agentic AI revolution, it’s crucial to understand the profound impact AI agents will have on how people, applications and devices interact with systems and data. This blog post aims to shed light on these changes and the significant security challenges they bring. It’s important to note that given the rapid pace of advancements in this field, we could not have anticipated many of the challenges discussed here just a few months ago.

Sam Altman’s recently published “Reflections” blog is one of those pieces that made me stop mid-scroll and wonder, “We’re really right in it, aren’t we?” Part think piece, part reality check, it’s a fascinating article that balances enthusiasm for AI’s potential with the very real warning signs flashing over all our heads.

The Mayor of London has cut funding for victims of online crime in the capital at a time when 98% of reports to the police are given ‘no further action’. In fact, victims are seven times less likely to see their perpetrator charged or summoned compared to victims of offline crime. From the 1st of April 2025, dedicated online crime victim services will be shut down and thousands of victims will go without specialist support.

ESET warns of a wave of phishing attacks informing employees that they’ve been fired or let go. The emails are designed to make the user panic and act quickly to see if they’ve actually lost their job. If a user falls for the attack, they’ll be tricked into downloading malware or handing over their login credentials.