Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Since at least February 2025, Arctic Wolf has observed Interlock Remote Access Trojan (RAT) being deployed via social engineering techniques. Recently, The DFIR Report published a technical analysis of the Interlock RAT being delivered via a social engineering technique dubbed “FileFix.” The name FileFix is derived from its similarity to the previously documented ClickFix technique using fake CAPTCHA pages.

Digital connectivity is reshaping European manufacturing, driving both efficiency and innovation. However, this shift has also created a complex and vulnerable cyber threat landscape, making manufacturing the most targeted industry for cyberattacks for the past four years. Connected systems and legacy infrastructure are colliding, expanding the attack surface and exposing manufacturers to increased risks.

Getting through secure email gateways (SEGs) is simply the cost of doing business for a cybercriminal. Literally, detection at the perimeter by a SEG is the same as falling at the first hurdle. SEGs have been adopted broadly, especially in larger organizations (although this picture has started to change in recent years - more on that below). Even where organizations don’t use a SEG, many native controls in email platforms (like Microsoft Exchange) operate using the same principles.

BERT ransomware targets Windows and Linux platforms, TGR-CRI-0045 exploits leaked machine keys to access organizations, and XWorm evolves into a modular and evasive remote access trojan.

To address a rising attack vector: client-side JavaScript tampering on payment pages.

SaaS sprawl and shadow IT create significant security vulnerabilities, exposing organizations to unmanaged apps, unauthorized access, and compliance risks. It’s simply not enough to secure access to the applications you’re actively managing. You also need to secure everything else. That’s one of the reasons we acquired Trelica earlier this year. Organizations must be capable of identifying and managing applications that are used outside of IT and security’s purview.

AI agents are rapidly transforming how software is accessed, operated, and integrated, such as automating workflows, calling APIs, and interacting with tools and SaaS platforms on behalf of users. This paradigm unlocks powerful new capabilities, but it also raises urgent questions about how sensitive data, especially credentials and secrets, should be managed.

Broadcom’s recent announcement to retire the VMware Advantage Partner program has left many organizations questioning their virtualization strategy. As the dust settles on this major industry shift, understanding what these changes mean for your organization and how to navigate them quickly is all important. The transition affects thousands of VMware partners worldwide, but for customers and partners alike, one thing remains clear: the need for reliable, experienced partners has never been greater.

In my previous post, we explored the reasons and methods for safeguarding Microsoft Entra ID data using Veeam Backup & Replication. While having secure, encrypted backups is essential, their value diminishes if you can’t restore them when it matters most. In this post, we’ll dive into the recovery process step by step. If you’ll remember there are a number of object types within Entra ID that can be protected at this time and they are.

Netskope has been named a Leader in the 2025 Gartner Magic QuadrantTM for SASE Platforms. This is the second successive year, and we are now positioned furthest in vision in the Gartner Magic QuadrantTM reports for BOTH SASE Platforms and SSE. That’s what we, at Netskope, call “20/20 Vision.” In this year’s 2025 Critical Capabilities for SASE Platforms report, Gartner defined four key Use Cases.