Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Securing privileged accounts with FIDO2 security keys is the best way to protect them from internal and external threats because they offer enhanced security and convenience compared to traditional authentication methods. Continue reading to learn more about why traditional methods are insufficient for protecting privileged accounts, how FIDO2 enhances security and the benefits of using FIDO2 for privileged accounts.

Between December 2024 and February 2025, the LevelBlue MDR team saw over a dozen attempts and a handful of successful intrusions by threat actors (TAs). Internally, we broadly attribute these attacks to the Black Basta ransomware gang. As outlined by other cybersecurity researchers’ reporting of similar tactics, techniques, and procedures (TTPs) observed; there is a high probability that this activity is from affiliate groups or initial access brokers.

On Wednesday, March 5th, Kibana disclosed a security vulnerability with a Critical CVSS score of 9.9 impacting versions 8.15.0 through 8.17.2, with 8.17.3 being patched to fully remediate the vulnerability. The vulnerability, known as prototype pollution, revolves around the malicious crafting of file uploads and the sending HTTP requests leading to arbitrary code execution on the host machine.

It’s undeniable that cyber threats are becoming more sophisticated, and SMEs are facing increasing risks. Ransomware attacks, data breaches, and supply chain vulnerabilities are all on the rise, with smaller businesses being hit hardest due to limited security resources and technical expertise. At Stripe OLT, we don’t just recognise these challenges – we’re here to help you tackle them.

Whether it needed to outrun Imperial fighters or make the Kessel Run in less than 12 parsecs, the Millennium Falcon simply couldn’t work its magic without a functioning hyperdrive. Similarly, today’s business enterprises need a way to move vast amounts of data quickly, securely, and without interruption—but relying on the public internet simply isn’t cutting it. Data is one of the most valuable resources a business can have.

Every year that goes by shows an improvement in technology, often by leaps and bounds over previous technology. What used to be the realm of far-off science fiction so unbelievably exotic that it defined genres is now a commonplace reality. With new technology comes new threats. We’ve seen a dramatic increase in digital threats, from the SolarWinds supply line attack, to the compromised Outlook services, to the currently-ongoing Salt Typhoon attack on telecom companies.

Every hype cycle brings fresh security concerns, and AI is no exception. AI governance might sound like uncharted territory, but it’s really just another evolution of the same security principles AppSec teams have been applying for years. The fundamentals—secure coding, risk management, compliance, and policy enforcement—haven’t changed.

For founders of early-stage startups, growth is the North Star. You’re focused on building a great product, winning customers, and scaling fast. Security compliance? It’s probably not on your radar—but it should be. ‍ The reality is, compliance isn’t just a nice to have or a box to check when a customer asks to see a SOC 2 report. It’s a revenue accelerator.

Phishing remains a significant threat to organisations, despite advancements in cybersecurity. The tactics used in phishing attacks have evolved significantly. Attackers now use advanced techniques like spear phishing, targeting specific individuals or roles within an organisation, and clone phishing, which duplicates legitimate messages but includes malicious links.

I recently had the fantastic opportunity to represent Zenity in a round of strategic discussions with legislative and policy leaders in Washington DC as a part of the OpenPolicy Coalition. Zenity has recently partnered with OpenPolicy and joined the ecosystem in the effort to bridge the gap between bleeding edge innovation and traditional policy.