Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Penetration testing (or ‘pen testing’) is a critical cyber security practice that helps businesses identify and fix vulnerabilities before attackers can exploit them. However, most businesses prioritise external threats, such as phishing, malware, and network breaches, while overlooking threats and risks that exist within the network.

The threat facing healthcare organizations worldwide is being recognized at the highest level, with the United Nations calling for international cooperation to combat the issue. The international organization has asked its members to support fellow member nations by providing technical assistance and guidelines to bolster the resilience of health infrastructure against attack.

What a week it was in London! KubeCon + CloudNativeCon Europe 2025 had all the energy of a music festival for cloud-native tech — and it didn’t disappoint. I had the pleasure of hitting the ground with Kevin Jackson and Rodolfo Casas, and right from the start, it felt like we were back with our extended family.

Arctic Wolf has observed an uptick in activity from the Silent Ransom Group, a cybercriminal group first identified in 2020 and notorious for its targeted cyber extortion campaigns driven by financial gain. This week, the group has been targeting the legal industry using “call-back” phishing tactics. The group sends emails impersonating services such as Duolingo or Masterclass, claiming a pending charge and urging recipients to call a phone number to resolve the issue.

Kubernetes has become the foundation for modern applications—but with great flexibility comes greater complexity and risk. Whether it’s an accidental misconfiguration, a failed update, or a cluster-wide outage, disruptions happen fast—and when they do, they impact both your containers and the virtual machines (VMs) running alongside them. In these high-stakes moments, your recovery plan is what makes the difference between a brief hiccup and a full-blown disaster.

Data and proactive insights garnered therein are vital strategic assets in the modern digital era. Amidst this backdrop, global regulations notably starting with the European Union (EU) Global Data Protection Regulation (GDPR) have become the vanguard to: It’s important to note too, that data sovereignty enables individual ownership of data and supports individuals to fully control how it is used while assuring that their data is protected in compliance with local regulations.

Keeper Password Manager was rated as a leading enterprise, mid-market and small business password manager for Spring 2025 by users on G2, the world’s largest and most trusted software marketplace. Within the Spring 2025 report cycle, Keeper earned a G2 Milestone Badge, surpassing 1,000 reviews from a variety of customers, including Small Business, Mid-Market and Enterprise end users and admins alike.

On April 4, 2025, The Australian Financial Review reported on a set of credential abuse attacks targeting multiple Austrian superannuation funds. These attacks were not breaches of the infrastructure of those companies, but compromises of individual customer accounts via stolen credentials. How were those customer credentials stolen?

The Network and Information Security (NIS) directive was introduced in 2016 to outline cybersecurity obligations across the EU and enable operational resilience for in-scope organizations. In 2020, the European Commission proposed the directive’s revision, which led to the formal adoption of NIS 2 in 2022. ‍ In this guide, we answer the common question of organizations impacted by the directive—What is NIS 2?

ISO 27001 is a globally recognized standard for building robust information security management systems (ISMS). The standard is closely aligned with NIS 2—a mandatory EU directive designed to fortify the cybersecurity posture of critical infrastructure among Member States. ‍ These two frameworks form a unique symbiotic relationship due to the potential overlap in the requirements and controls.