Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The ability to control and monitor who has access to critical systems is a fundamental pillar of cybersecurity. However, many organizations today struggle with fragmented identity management, leaving their operational technology (OT), industrial control systems (ICS), and/or cyber physical systems (CPS) environments vulnerable to security breaches, compliance violations, unnecessary business risks, and operational inefficiencies.

The role of trust for both employees and customers has come under increased scrutiny in the past decade. The rise of concepts such as zero trust for the workforce and the privacy/personalisation paradox for customers has moved trust from being an exercise in academic rigour, to one which has realigned enterprise security architecture choices.

As the manufacturing industry modernizes and expands its digital connectivity, it has become increasingly vulnerable to sophisticated cyberattacks targeting its evolving cyber defenses. In the newly released 2025 Trustwave Risk Radar Report: Manufacturing Sector, Trustwave SpiderLabs outlines the key cybersecurity challenges facing manufacturers and provides a comprehensive list of mitigation strategies to help organizations strengthen their defenses.

Identity and access management (IAM) is part of a world where the only constant is change. Whether from emerging technologies and new cyber threats, or unpredictable human behaviors and shifting business priorities – cybersecurity is in a state of permanent flux. These developments have caused many cybersecurity teams to harden their defenses with methods such as identity-based and passwordless authentication.

As the manufacturing sector continues to modernize and develop deeper and wider connections to the Internet, the industry has opened itself up to a broad range of sophisticated cyberattacks designed to take advantage of this sector’s still-developing cyber defenses. Trustwave SpiderLabs explains these and other issues facing manufacturers in its just released 2025 Trustwave Risk Radar Report: Manufacturing Sector, and offers a list of protective mitigations organizations can adopt.

In today’s threat landscape, detecting and responding to distributed attacks is more challenging than ever. Attackers often operate in stealth, using coordinated strategies to blend into normal traffic and evade detection. To address this issue, Datadog Application Security Management (ASM) has a new clustering feature designed to identify and group attacker behaviors during distributed attacks.

A critical heap buffer overflow vulnerability in the AWS C Common library was discovered autonomously through an AI-automated fuzz testing solution, CI Fuzz, and has been fully addressed with a patch. In this post, we explore the vulnerability and its potential impact on embedded systems.

Reverse engineering the AsyncRat malware infection, exploring the means of deployment and staging.

While malware growth is something we have been experiencing over the past few years, the increase observed by WatchGuard's threat lab team in Q3 2024 was the highest to date. Q3 saw astronomical growth in total endpoint malware threats, reaching 300.48% with 420,304 threats. The previous high was recorded in Q1 2024, when there was an 81.77% rise, almost double the previous quarter. However, Q3 almost quadrupled the figure for Q2 2024 when 104,951 threats were detected.

Security through obscurity is based on the idea that if attackers don’t know how a system works or even if it exists, they’ll have a harder time breaching it. Despite repeatedly broken implementations and lacking support from standards bodies, this concept continues to be widely used. Secret doesn’t always mean safe – and it can even give a false sense of security.