US Offers $10 Million Reward for Tips About State-Linked RedLine Cybercriminals

How would you like to earn yourself millions of dollars? Well, it may just be possible - if you have information which could help expose the identities of cybercriminals involved with the notorious RedLine information-stealing malware. The US Department of State is offering up to US$10 million for information about the government-backed hackers believed to be behind RedLine malware attacks, which have included US critical infrastructure among their targets.

Thoughts from Stablecon 2025: Stablecoins at an Inflection Point

This year at Stablecon 2025, I had the privilege of delivering the opening keynote on behalf of Fireblocks. We supported the inaugural event as title sponsor because we believe stablecoins are reaching a pivotal moment—and this gathering marked an important step toward shaping the conversations that will define the space. For us, it was also a moment to take stock of how far the ecosystem has come—and the role Fireblocks continues to play at the center of it.

6 Core Components of an Alertless SOC Security Teams Should Know

The traditional approach to managing security operations centers (SOCs) is straining the mental and physical reserves of even the most skilled security analysts—while also failing to provide the protection organizations need against today’s threats. Analysts are left to respond to a never-ending stream of alerts, resulting in an overwhelming, reactive cycle that stifles proactive investigation and threat hunting.

Fake MFA Reset Warning Message

A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish). They quickly identified it as a social engineering attack and shared it on our internal communication channel for sharing such things. I have had more and more of these types of similar smishes occurring over the last few months. It is an attempt to trick someone into worrying that their Gemini, Gmail, Microsoft, Instagram…or whatever account…is in the middle of being compromised and you need to react NOW! NOW!

MDR vs SIEM: Which is Right for Your Organization?

The decision to buy a Security Information and Event Management (SIEM) product or outsource to a Managed Detection and Response (MDR) depends on a number of factors, including the size of your organization, the complexity of your IT infrastructure, and your overall security needs. Before we get into the main discussion, let’s step back and define what we are talking about so everyone is on the same page.

Why Continuous Vulnerability Assessment Beats One-Time Scans for Real Security

Most organizations still treat vulnerability assessment (VA) as a checkbox activity, run a scan, generate a report, and move on. But security doesn’t work in isolated snapshots. Applications are dynamic, threats evolve by the hour, and even minor code changes can open new attack surfaces. This is where continuous vulnerability assessment (CVA) becomes essential.