Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CYSIAM Announces Partnership with CrowdStrike to Strengthen Cyber Resilience in the UK Defence Supply Chain

CYSIAM aannounces partnership with CrowdStrike to strengthen cyber resilience across the UK Defence sector supply chain. Through this partnership, CYSIAM will equip defence organisations with advanced protection powered by the CrowdStrike Falcon cybersecurity platform, safeguarding critical national infrastructure and enhancing the nation's defence capabilities.

Why API Discovery Is Critical to Security

For Star Trek fans, space may be the final frontier, but in security, discovering Application Programming Interfaces (APIs) could be the technology equivalent. In the iconic episode “The Trouble with Tribbles,” the legendary starship Enterprise discovers a space station that becomes overwhelmed by little fluffy, purring, rapidly reproducing creatures called “tribbles.” In a modern IT department, APIs can be viewed as the digital tribble overwhelming security teams.

What is Disinformation Security?

In an era of AI-generated content, deepfakes, and manipulated media, disinformation is no longer just a concern for governments and social media platforms – it’s a cybersecurity threat. According to Gartner’s 2025 trend forecast, disinformation security will be a key focus area as AI-generated content, deepfakes, and synthetic media continue to challenge digital trust. But what exactly is disinformation security, and why has Gartner identified it as a critical business risk?

Effective Runtime Security in Containerized Environments

Runtime security is all about real-time protection, actively monitoring and responding to threats as they happen, not just hardening, setting up barriers or reacting to attacks after the fact. Think of it this way: traditional security measures prevent most intruders, but what about the ones that manage to get in? Runtime security alerts you to any suspicious activity and takes immediate action to stop it. Why is this so important for containers?

Schools in Session: Surge in Phishing Attacks Targeting the Education Sector

KnowBe4’s Threat Lab recently observed a phishing campaign targeting educational institutions. Over a 30 day period, 4,361 threats were reported, originating from 40 unique sender domains. 65% of these domains were compromised educational institution IDs. The ultimate aim of these attacks was to harvest credentials resulting in the potential data loss, compromise and further phishing emails.

Three VMware Zero-Days Exploited in the Wild Patched by Broadcom

On March 4, 2025, Broadcom released patches for three zero-day vulnerabilities exploited in the wild, affecting ESXi, Workstation, and Fusion. These vulnerabilities, discovered by Microsoft, range in severity from high to critical. Details of the exploitation have not been revealed at this time, and Arctic Wolf has not identified a public Proof-of-Concept (PoC) exploit.

Self-Proclaimed "BianLian Group" Uses Physical Mail to Extort Organizations

On or around February 25, 2025, a threat actor claiming to be associated with the BianLian ransomware group began using the United States Postal Service (USPS) to send physical ransom letters to executives, primarily within the US healthcare sector. Notably, when compared with historical BianLian communications and ransom notes, the physical ransom letters are drastically different in word usage and tone.

Is Enterprise Risk Posture Better or Worse Today?

Measuring enterprise risk posture—its overall security readiness and resilience—is a complex challenge. Advanced security solutions, such as automated vulnerability management tools and unified risk dashboards, enable organizations to defend their networks with unprecedented efficiency. The rapid expansion of cloud environments and the intricacies of modern IT infrastructures, however, present an increasingly dynamic attack surface.