Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The traditional approach to managing security operations centers (SOCs) is straining the mental and physical reserves of even the most skilled security analysts—while also failing to provide the protection organizations need against today’s threats. Analysts are left to respond to a never-ending stream of alerts, resulting in an overwhelming, reactive cycle that stifles proactive investigation and threat hunting.

This year at Stablecon 2025, I had the privilege of delivering the opening keynote on behalf of Fireblocks. We supported the inaugural event as title sponsor because we believe stablecoins are reaching a pivotal moment—and this gathering marked an important step toward shaping the conversations that will define the space. For us, it was also a moment to take stock of how far the ecosystem has come—and the role Fireblocks continues to play at the center of it.

How would you like to earn yourself millions of dollars? Well, it may just be possible - if you have information which could help expose the identities of cybercriminals involved with the notorious RedLine information-stealing malware. The US Department of State is offering up to US$10 million for information about the government-backed hackers believed to be behind RedLine malware attacks, which have included US critical infrastructure among their targets.

The digital privacy landscape is defined largely by two leading regulatory frameworks: the California Consumer Privacy Act (CCPA) and the European Union’s General Data Protection Regulation (GDPR). For businesses with online operations, understanding how the CCPA and GDPR differ is more than just a legal necessity—it’s a strategic imperative.

At first glance, a donut is harmless, maybe even delightful. But take a bite, and you might find something unexpected inside. Raspberry? Custard? Malware? Okay, maybe not malware (hopefully), but that’s exactly how many cyber threats operate: they hide in plain sight, waiting for the moment you drop your guard. This Donut Day, we’re taking a light-hearted look at five cyber threats that appear harmless but pack a punch.

APIs are essential, but they also represent a growing and complex risk to your organization. Intricate application architectures and an ever-evolving threat landscape already make API security a constant challenge. The increasing reliance on APIs by new technologies, including AI, further amplifies this risk.

When it comes to cybersecurity, organizations face an ever-present and often underestimated threat: human risk. Despite significant advancements in technological defenses, human error remains a leading cause of data breaches and security incidents. Industry studies consistently show that between 70% and 90% of data breaches involve some form of human-related cause—whether through social engineering, errors, or misuse.

A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish). They quickly identified it as a social engineering attack and shared it on our internal communication channel for sharing such things. I have had more and more of these types of similar smishes occurring over the last few months. It is an attempt to trick someone into worrying that their Gemini, Gmail, Microsoft, Instagram…or whatever account…is in the middle of being compromised and you need to react NOW! NOW!

The Cybersecurity Maturity Model Certification (CMMC) 2.0 is the U.S. Department of Defense (DoD)’s updated cybersecurity compliance framework and an evolution of CMMC 1.0.