Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A password manager protects your online accounts by storing all your passwords in one place, making it easier to use strong, unique passwords for every account without having to remember them all. Many password managers also support passkeys, which make logging in even safer and easier as an alternative to traditional passwords.

If you are like me, a couple of years ago it was like I woke up to a new concept in the world of IT: the non-human identity. But, wait…this sounds very familiar. Haven’t we had service accounts and machines identities for performing automated tasks for many years now? In fact, I was on a development team that produced what is now known as RPA tools that helped automate repetitive IT tasks; an area highly used by many enterprises.

In the ever-evolving world of retail, cyber threats are no longer a distant concern, they’re a daily reality. Over the past year, around 612,000 UK businesses reported experiencing a cyber breach or attack. Phishing remains the most common and disruptive method, targeting 85% of those affected. The retail sector, in particular, sits on a goldmine of customer data, credit card details, email addresses, and purchase histories, all of which are highly attractive to cybercriminals.

Most mobile security conversations start with code: vulnerabilities, misconfigurations, tokens, and flaws. But few discussions focus on a critical dimension—location: not where an app is used, but where its data travels. In modern mobile architectures, dozens of services operate behind the scenes. SDKs phone home. APIs call upstream. CDNs redirect without warning. Within this chaos, a single, silent connection to a sanctioned region can escalate into a compliance crisis.

In late June 2025, Arctic Wolf issued a security bulletin addressing a critical out-of-bounds read vulnerability in Citrix NetScaler ADC and Gateway that Citrix disclosed, tracked as CVE-2025-5777. This vulnerability affects NetScaler devices configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

Last week, we hosted the Product Spotlight: Build agents in Tines, and it was a hit. We had so many questions that we couldn’t answer them all live, so we’re continuing the conversation here. Before we jump into the Q+A, here’s a quick recap of the webinar in case you missed it: In this session, Head of Product Stephen O'Brien introduced the AI Agent action and shared how it builds on our ongoing evolution of workflows.

The 2025 SANS SOC Survey reveals that while technology keeps evolving, the core problems facing SOC teams remain stubbornly in place. Teams are understaffed. Tool sprawl is growing. And performance metrics often miss the mark. Many SOCs lack the workflows, strategy, and staff to connect tools, streamline processes, and reduce manual work. And now they face a new challenge: making AI actually deliver value. Let’s dig into the key findings.

With the average phishing campaign now harvesting its first set of credentials in under 15 minutes , the efficacy of a detection strategy is measured in seconds, not hours.. Relying on scanning and takedown or traditional threat intelligence feeds – that inherently lag behind real-time user engagement – is no longer a viable defense against even unsophisticated credential theft and account takeover (ATO) scams.

The National Institute of Standards and Technology (NIST) has unveiled a new metric that promises to revolutionize the way vulnerability management is prioritized. Likely Exploited Vulnerabilities (LEV) is a ranking designed to help organizations focus their efforts on the flaws that cybercriminals are actively using to perpetrate real-world attacks. Thousands of vulnerabilities are reported every year but only a small fraction is exploited in the wild.

CPS 234 and ISO 27001 are two industry-accepted standards that help protect organisations from cyber attacks—one of the biggest threats and concerns Australian organisations experienced in 2024. The standards can be said to share the same end goal—increasing cyber resilience while helping manage information security more effectively. ‍ Despite this shared goal, CPS 234 and ISO 27001 come with notable differences.