Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

If the term “cyber threat” alone is enough to make any company nervous, imagine a sophisticated cyberattack designed not only to infiltrate but to remain hidden within a network for extended periods. These threats are real, but they can also be countered. Let us introduce you to the infamous APTs or advanced persistent threats.

In this episode of Security Matters, host David Puner sits down with Deepak Taneja, co-founder of Zilla Security and General Manager of Identity Governance at CyberArk, to explore why 2025 marks a pivotal moment for identity security. From the explosion of machine identities—now outnumbering human identities 80 to 1—to the convergence of IGA, PAM, and AI-driven automation, Deepak shares insights from his decades-long career at the forefront of identity innovation. Listeners will learn.

Trying to stay ahead in cybersecurity can feel a bit like juggling gas-powered chainsaws while riding a unicycle across a tightrope—dangerous, noisy, and not for the faint of heart. Thankfully, security information and event management (SIEM) tools are your safety harness—keeping you steady, secure, and just far enough from the edge that you’re not plunging headfirst into the abyss of breached data, regulatory fines, and sleepless nights.

Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) have become integral to modern SecOps architecture and threat detection capabilities. However, the urgency of the situation is clear—attackers are deploying increasingly sophisticated techniques to bypass threat detection centered on these systems.

Implementing a Privileged Access Management (PAM) solution is an important step toward protecting your organization’s most sensitive data and systems. When executed correctly, PAM helps enforce the Principle of Least Privilege (PoLP), reduces your attack surface and gives security teams control over who can access what and when. However, how effective a PAM solution is depends on how it’s implemented.

Cybersecurity firm Trellix uncovered a sophisticated spear-phishing operation in late May 2025 that exploited NetBird, a legitimate open-source remote access platform, to infiltrate organizations worldwide.

AI has had dramatic impacts on almost every facet of every industry. API security is no exception. Up until recently, defending APIs meant guarding against well-understood threats. But as AI proliferates, automated adversaries, AI-crafted exploits, and business logic abuse have complicated matters. It’s no longer enough to merely patch known flaws; security teams must now contend with intelligent, adaptive attacks that evolve as fast as the technology they target.

Netskope Threat Labs has discovered a campaign using fake installers to deliver the Sainbox RAT and Hidden rootkit. During our threat hunting activities, we encountered multiple installers disguised as legitimate software, including WPS Office, Sogou, and DeepSeek. These installers were mainly MSI files that were delivered via phishing websites. Both the phishing pages and installers were in Chinese, indicating that the targets are Chinese speakers.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! It will only ever go upwards…

Every DevSecOps, cloud security and even AppSec team knows the feeling: scanners flag hundreds – sometimes thousands – of critical issues across your pipelines, environments and apps. But how many of those findings actually matter? How many represent real, immediate risk to applications running in production? The uncomfortable answer? Very few. At ARMO, we’ve seen firsthand how over 60% of security findings are irrelevant hypothetical risks that will never be exploited.