With the growing cyberattacks threatening business and customer data, Chief Information Security Officers (CISO) are working to implement the NIS2 Directive into their organization to strengthen their digital security. NIS2 is mandatory for all medium-sized and large organizations within vital sectors in the EU.

Case management for modern SOCs can be a maze of endless alerts, overwhelming data, and intense pressure. Legacy solutions often exacerbate these issues with rigid workflows, limited automation capabilities, and a lack of real-time adaptability, leaving teams ill-equipped to handle the growing complexity of threats. The volume of cases, manual workflows, and processes leave analysts overwhelmed, exhausted, and struggling to keep pace.

Welcome to the 20th edition of the Cloudflare DDoS Threat Report, marking five years since our first report in 2020. Published quarterly, this report offers a comprehensive analysis of the evolving threat landscape of Distributed Denial of Service (DDoS) attacks based on data from the Cloudflare network. In this edition, we focus on the fourth quarter of 2024 and look back at the year as a whole.

By now, you will almost certainly be aware of the transformative impact artificial intelligence (AI) technologies are having on the world. What you may not be aware of, however, is the role Application Programming Interfaces (APIs) are playing in the AI revolution. The bottom line is that APIs are critical to AI systems – but they are also a major reason why AI systems are vulnerable to abuse. In this blog, we’ll explore why API security is critical for the safe and ethical deployment of AI.

Analyzing network traffic patterns is the heart of a successful security strategy. As organizations continue to grow their digital landscapes, cyber threats have also progressed in complexity and now utilize sophisticated evasion techniques to evade detection. Conventional security countermeasures are no longer able to cope with such dynamic and persistent security threats, hence now organizations are relying on network traffic analysis to detect and mitigate any security incidents.

It was in January 2025 when a disaster leakage of data was leaked having more than 15,000 configuration files carrying VPN credentials leaked from FortiGate devices spread on several devices. It depicts acute problems inside organizations using the products by Fortinet about a higher need for an excellent security approach. The Belsen Group, the hacking collective carried out this attack by taking advantage of the zero-day vulnerability known as CVE-2022-40684.

Phishing attacks are a huge threat. They prey on human trust and manage to trick even the most tech-savvy users. A successful attack on a company’s customers can weaken it financially, create compliance issues, and cause long-lasting reputational damage. Scammers have stolen over $1 trillion globally in just the past year – a staggering figure that rivals the GDP of some nations.

Medusa is a ransomware-as-a-service (RaaS) platform that first came to prominence in 2023. The ransomware impacts organisations running Windows, predominantly exploiting vulnerable and unpatched systems and hijacking accounts through initial access brokers.

NASA is about to introduce new requirements for its contractors. These requirements will dramatically improve the cybersecurity of spacecraft and the US’ resilience to cyber threats. But what do these requirements mean for spacecraft manufacturers? What challenges will they face? And what will they need to do to comply? Keep reading to find out.

The energy sector is the cornerstone of modern infrastructure, powering essential services and supporting the daily operations of economies worldwide. However, it also faces unique cybersecurity challenges, particularly in complying with the North American Electric Reliability Corporation's Critical Infrastructure Protection (NERC CIP) standards.