Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Threat Context Monthly: Green Nailao & UNC3886 - Briefing for March 2025

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from March about espionage activities by threat actors Green Nailao and UNC3886.

Ransomware in Healthcare: Unmasking the Most Targeted Segments and Threat Groups

Ransomware remains the primary threat the healthcare industry faces. However, threat actors do have a preference when it comes to which segment to attack. Trustwave SpiderLabs’ just-released Healthcare Sector Deep Dive: Ransomware Trends and Impact examines which healthcare sub-industries attract the most attention from threat actors, breaks down which adversarial groups conduct the attacks, and covers the impact specific attacks had on their victims.

What is vendor fraud and how to protect your business from vendor fraud

Vendor fraud is a type of financial abuse that occurs when fraudsters pose as legitimate businesses to trick companies and individuals into paying for services they’ll never receive. These schemes exploit organizations, putting their victims at risk for financial and reputational losses. Moreover, the occurrence of vendor fraud has been rising in the last few years.

Increase visibility into your infrastructure processes with Process Tag Rules

Monitoring the health of your infrastructure and services requires you to understand the performance of fundamental system processes. But particularly in large environments, the sheer volume of processes can make their performance and resource usage difficult to track, let alone troubleshoot.

Safeguarding Classified Information: How to Prevent Insider Data Breaches

Protecting military secrets is critical to national security. It’s not just about securing information; it’s about ensuring our safety and maintaining a strategic advantage. Sweeping legislation, technology, and security protocols are in place to prevent classified information leaks within Defense, which extend down to Defense contractors. However, despite technological advances, humans remain the weakest link when it comes to protecting national secrets.

Governance in DevSecOps: Measuring and Improving Security Outcomes

After implementing a DevSecOps strategy from the ground up — including secure design, testing and monitoring, and risk-based remediation — you will need to focus on analysis and governance. After all, organizations need to regularly measure and refine their security processes to mature their DevSecOps programs.

Reality Bites: You're Only as Secure as Your Last API Deployment

In agile and DevOps-driven environments, APIs are frequently updated to meet evolving business demands, from adding new features to addressing performance issues. However, each deployment introduces potential security risks, as new code, configurations, and endpoints can expose vulnerabilities. In an environment of continuous integration and continuous deployment (CI/CD), the security of an organization’s APIs hinges on rigorous, continuous testing and proactive risk management.

Devo's Channel Chief on CRN Recognition and the Future of Security Partnerships

Estee Robinson leads global alliances for Devo and is responsible for defining and executing Devo’s channel strategy. She was named a 2025 Channel Chief by CRN, which recognizes influential leaders who drive the channel agenda and evangelize the importance of channel partnerships. Estee’s work on channel strategy helped land Devo in the CRN Partner Program Guide and inclusions in the CRN Cloud 100 and Security 100 lists for 2025.

SNARE: The Hunters Guide to Documentation

Success in threat hunting is vastly different from incident response. Incident responders can measure success in criteria like ticket volume, mean time to close, or escalations. For threat hunting, the number of hunts vs. incidents is not comparable because hunts take longer, and the average time to complete a hunt can vary wildly. More importantly, most hunts will not result in incidents. We can’t use the same metrics! Our critical metrics of success are our outputs/deliverables and documentation.

Fireblocks' New Developer APIs: Build on Blockchain Without Complexity

Blockchain innovation is accelerating, offering new opportunities for developers to create secure applications. However, integrating blockchain infrastructure is getting increasingly complex. With more fragmentation, developers often have to juggle multiple tools, workarounds, and technical intricacies to manage network data, retrieve asset properties, and execute transactions effectively. This slows down innovation, increases operational overhead, and diverts focus from building great products.