Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When was the last time your business or enterprise tested its defenses with a real-world attack simulation? If the answer is never—or more than a year ago—your company may be more vulnerable than you think. Regular penetration testing by an expert team like Cybriant is one of the most effective ways to uncover and fix security weaknesses before attackers exploit them. Interested in learning more? Read on.

We are excited to announce the launch of Veracode Threat Research, a new initiative to counter software supply chain threats. Thanks to the acquisition of Phylum, Inc., we are now equipped with cutting-edge technology and a wealth of expertise to revolutionize how we secure the open-source ecosystem and protect your developers from novel attacks.

Trustwave MailMarshal fortified its position as a leading secure email gateway by being named a Top Player in Radicati’s Secure Email Market Quadrant 2025 report. This is the second consecutive year that Radicati has recognized Trustwave MailMarshal for its ability to protect organizations from email-based attacks.

The history of penetration testing begins with military strategies used to test enemy defenses. Over time, this evolved into a formal practice for identifying vulnerabilities in computer systems. This article traces the brief history of of penetration testing, from its early conceptual roots in military exercises, through the rise of ‘Tiger Teams’ in the 1970s, to the sophisticated tools and methodologies in use today.

On March 21, 2025, CrushFTP privately alerted customers to a critical authentication bypass vulnerability, now tracked as CVE-2025-31161. Since the initial disclosure, a proof-of-concept (PoC) exploit has been made publicly available, and the CrushFTP CEO has confirmed observing customer compromises via CVE-2025-31161.

Manufacturing organizations need Privileged Access Management (PAM) for Industrial Internet of Things (IIoT) security because it protects critical systems and devices by ensuring that only authorized users have access. IIoT refers to a network of connected devices that work together to collect and analyze data across industrial sectors to improve operational efficiency. As IIoT becomes increasingly integral to manufacturing, securing these connected systems is more important than ever.

Quantifying the economic impact of Elastic Security As public sector organizations grapple with a changing economic and political landscape, the focus has increasingly turned to driving efficiencies, reducing costs, and strengthening resiliency.

Outpost24 analysts recently discovered a critical authentication bypass vulnerability in CrushFTP, identified as CVE-2025-31161. The vulnerability has a CVSSv3.1 score of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8). We reached out to MITRE for a CVE on 13th March 2025 and were within an agreed 90-day non-disclosure period with CrushFTP. The plan was to give users plenty of time to patch before attackers were alerted to the vulnerability and able to exploit it.