Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Unleash unstoppable resilient compliance: Strategies for success in uncertain times

Organizations across the globe are confronted with a new set of challenges, ranging from shifting regulatory requirements to the rising influence of technology and globalization. It is no longer enough to simply adhere to a list of rules; companies must now embed compliance into the very fabric of their operations to thrive.

HIPAA checklist: Why your health care clients are at risk (and how to fix it)

The benefits of offering managed services to health care organizations are obvious. The problem? Health care disaster recovery (DR) creates a complex web of compliance requirements that can quickly turn profitable clients into costly liabilities. Health care data breaches average $10.93 million per incident — that's more than double the cost of breaches in other industries. For MSPs serving health care clients, disaster recovery isn't just about getting systems back online.

Understanding the golden ticket attack with Mimikatz

Golden ticket attacks target the KRBTGT account in Active Directory, allowing attackers to forge Kerberos tickets and impersonate domain admins. Tools like Mimikatz make this attack simple and long-lasting, since forged tickets can remain valid for years. Netwrix Threat Manager, Privilege Secure, and Identity Threat Detection & Response (ITDR) help detect anomalies, rotate KRBTGT credentials, and enforce Just-in-Time access to prevent compromise.

Turn AI ambition into secure operations

If you attended AWS re:Invent last year, it probably felt like there was an AI solution for everything. Models, copilots, agents; by the end, someone had to pitch an AI solution to summarize all of the other AI solutions. This year, it may still feel like the AI announcements multiply faster than the models themselves. Under all of the hype, one message still resonates: AI innovation only works when it’s built on a secure foundation.

Key learnings from the 2025 State of Cloud Security study

We have just released the 2025 State of Cloud Security study, where we analyzed the security posture of thousands of organizations using AWS, Azure, and Google Cloud. In particular, we found that: In this post, we provide key recommendations based on these findings, and we explain how you can use Datadog Cloud Security to improve your security posture.

What Is a Dictionary Attack In Cyber Security? How To Detect & Prevent It?

Most people are aware of ways to ensure their online security, yet they often fail to implement them fully. A common guideline when signing up for an account on any website is to create a strong password; however, 65% of people reuse passwords across websites. Not just that, people use passwords that are easier to guess, like ‘123456’, ‘iloveyou’, ‘welcome’, and personal details. These passwords regularly appear in data breach leaks.

The 3-2-1-1-0 Backup Strategy Explained

Your backup system is supposed to be your safety net. It’s the insurance policy that lets you sleep at night knowing that even if disaster strikes, your business can recover. But there’s a problem: ransomware attackers know about your backups too. And they’re coming for them first. According to data shared in our recent webinar with Pellera, 89% of organizations that experienced ransomware attacks saw clear indications that attackers specifically targeted their backup infrastructure.

Quantum Route Redirect: Anonymous Tool Streamlining Global Phishing Attack

KnowBe4 Threat Labs has uncovered an emerging advanced phishing campaign targeting Microsoft 365 users globally to steal their credentials. The attackers are wielding a powerful new tool that’s completely changing the game for cybercriminals—turning what used to be complex, technical phishing setups into simple one-click launches that can bypass certain technical controls. Welcome to the era of “Quantum Route Redirect.”

Malicious NPM Package Found Targeting GitHub By Typosquatting on GitHub Action Packages

The package states it is for the GitHub Actions Toolkit, which has a legitimate npm package @actions/artifact. Therefore this malware package is a clear typosquat with the swapping of the letters “ti” for “it”. We took a look at the “harness” binary as indicated in version 4.0.13.

ClickFix to NodeJS RAT: An Ominous Sign

BlueVoyant’s Threat Fusion Cell (TFC) and Security Operations Center (SOC) have uncovered a cyber campaign that signals a concerning evolution in the threat landscape: the rise of the "LLM-Enabled Developer." In-depth analysis suggests the actor behind an ongoing ClickFix campaign leveraged publicly documented advanced attack chains, powered by AI-generated code, to deploy a less sophisticated, but capable Node.js RAT.