Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

API keys and passwords are the keys to digital kingdoms, granting access to an organization’s most valuable systems and data. Traditional data loss prevention (DLP) systems often fall short in their attempts to protect sensitive data and secrets, leaving security teams overwhelmed with false positives and noise. At Nightfall, we understand these challenges and the evolving threat landscape across SaaS and endpoints.

The Department of Health and Human Services (HHS) will be implementing sweeping and crucial updates to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule to enhance the protection of electronic protected health information (ePHI). These changes aim to address modern cybersecurity threats and ensure resilience in healthcare data management. In this blog, we will explore the key updates and their implications for healthcare providers and their business associates.

Being able to find and replace specific text within strings is useful for many tasks, including data processing, automation and file management. For instance, replacing outdated information with current data is important for data standardization. PowerShell offers two primary methods for string replacement: For example, suppose we want to replace the string “Hello” with “Hi.” Here is a script for accomplishing this using the Replace() method.

Security measures aren’t keeping pace with the rate at which new technology is going to market. One of the fastest-growing segments of technology, the Internet of Things (IoT) — which includes webcams, smart thermostats, wearable health trackers, and other smart objects — is capturing the industry’s attention and growing rapidly. By 2030, the number of connected IoT devices is expected to grow to 40 billion.

On April 3, 2025, Ivanti disclosed a critical zero-day vulnerability, CVE-2025-22457, affecting Ivanti Connect Secure, Policy Secure, and ZTA Gateways. This stack-based buffer overflow allows remote unauthenticated threat actors to achieve remote code execution (RCE) and has been exploited in the wild. At the time of writing, exploitation has only been observed in Connect Secure, not Policy Secure or ZTA Gateway.

When Broadcom acquired VMware in autumn 2023, IT professionals knew change was on the horizon. However, the latest licensing updates from Broadcom have sparked widespread confusion and frustration among VMware users. Effective April 10, 2025, Broadcom is raising VMware’s minimum core licensing requirements to 72 cores. That means if you plan to place a new VMware order after that date, the minimum order you can place will be 72 cores.

‍ On March 14th 2025, we detected a malicious package on npm called node-facebook-messenger-api. At first, it seemed to be pretty run-of-the-mill malware, though we couldn’t tell what the end-goal was. We didn’t think much more of it until April 3rd 2025, when we see the same threat actor expand their attack.

Nightfall has been named a leader in Data Loss Prevention (DLP), Sensitive Data Discovery, Data Security, and Cloud Data Security in G2’s Spring ‘25 reports. We’d like to extend a huge thank you to all of Nightfall’s customers and supporters for making this possible - and an even bigger thank you goes to the Nightfall team’s tireless dedication to building solutions that protect our customers’ sensitive data across the sprawling enterprise attack surface.

Phishing attacks are driving a surge in “double brokering” scams in the shipping industry, according to Christian Reilly, Cloudflare’s Field CTO for EMEA. In an article for TechRadar, Reilly explains that these scams have risen by 400% since 2022, and 50% of freight brokers name it as their top concern. “Here’s how they work: Scammers pose as legitimate freight brokers or create fake transportation companies,” Reilly writes.

Attackers are using new tactics in QR code phishing (quishing) attacks, according to researchers at Palo Alto Networks’ Unit 42. Quishing attacks hide phishing URLs within QR codes, allowing them to more easily evade security filters and trick the user into opening the link on their phone.