Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On January 14th, 2025, Belsen Group emerged in the underground forum Breach Forums publishing a list of sensitive data extracted from vulnerable Fortinet FortiGate devices. Since then, they have expanded their malicious activities into acting as initial access brokers. Who are they and what do we know about them? In this blog we’ll give you the lowdown on an ambitious new threat group to be aware of.

In the context of penetration (pen) testing, false positives are where the testing tools or methods identify a security vulnerability or issue that doesn’t actually exist. Essentially, a false alarm. This can happen for a few reasons, such as misconfigurations in the testing tools, incorrect assumptions, or environmental factors.

A small entrepreneur-led digital marketing agency was having a regular morning with client calls, design presentations, and ad discussions. Suddenly, every team member was locked out of their accounts and couldn’t access their e-mails, cloud folders, or even the company bank account – their data had been taken hostage digitally. This isn’t just a cautionary tale.

Researchers recently found another Software Supply Chain issue in BoltDB, a popular database tool in the Go programming environment. The BoltDB Go Module was found backdoored and contained hidden malicious code. This version took advantage of how Go manages and caches its modules, allowing it to go unnoticed for several years. This backdoor allows hackers to remotely control infected computers through a server that sends them commands i.e. via a command and control server.

Building a vulnerability management (VM) program from the ground up is no small feat. It requires technical expertise, organizational buy-in, and a clear roadmap. In recent months, I’ve been working with a client who had to discard their legacy approach and start afresh. We came to realize just how many components have to come together to get a decent start on a VM project while also showing value along the way.

Security teams and developers are drowning in product security alerts. Every security scan generates a flood of issues, and manually reviewing, prioritizing, and assigning each one is time-consuming and inefficient. The result? Critical risks get buried in long backlogs, while developers waste time chasing issues that don’t actually introduce real risk.

Tanium Remediation Visibility is a game-changer for vulnerability and exposure management. This post describes a number of foundational capabilities of Tanium Autonomous Endpoint Management. Check out this Tanium AEM overview for a high-level explanation of capabilities and benefits.