CrowdStrike 2025 Latin America Threat Landscape Report: A Deep Dive into an Evolving Region

Latin America has quickly become a hotspot for cyber activity. The region’s rapid digitalization, expanding cloud adoption, and evolving geopolitical friction have drawn the attention of both financially motivated eCrime actors and strategic nation-state adversaries. The CrowdStrike 2025 Latin America Threat Landscape Report provides key insights into cyber activity across Central and South America, Mexico, and the Caribbean.

May 19, 2025 Cyber Threat Intelligence Briefing

This week’s briefing covers: Coinbase Insider Threat Leads to Theft of Customer Data Coinbase has released a blog post and filed an SEC Form 8-K reporting an incident whereby they received an email attempting to extort the company for $20m. According to the post, the threat actors approached customer support staff and “used cash offers to convince a small group of insiders to copy data in our customer support tools”. Stolen data includes personal details including identity documents and account data include balance and transaction history.

Warning: Phishing Kits Can Auto-Generate Tailored Login Pages

Commodity phishing kits are increasingly serving dynamically generated phishing pages, according to researchers at ESET. These kits allow unskilled threat actors to launch sophisticated attacks tailored to individual users. ESET describes one of these attacks, using a phishing email that informed the user of an unfamiliar sign-in to their account.

Nessus Vulnerability Scanner: Capabilities, Workflows, and Limitations

For many cybersecurity teams, Nessus is the scanner they started with; a reliable, battle-tested tool that’s been part of the security stack for over two decades. Backed by Tenable’s extensive vulnerability database, Nessus is known for its accuracy in identifying known CVEs and misconfigurations across networks and systems. But while environments have evolved from on-prem to multi-cloud, from VMs to containers, Nessus has primarily stayed the same.

Federal IT Modernization: Balancing Efficiency with Advanced Cybersecurity

As 2025 unfolds, U.S. federal agencies are navigating significant operational shifts that are impacting their overarching cybersecurity strategies. Government security leaders have always emphasized stringent cybersecurity practices in the face of dynamic threats.

Beware of Coinbase Scams

I got this Coinbase-related scam in my personal inbox last week. Coinbase is one of the world’s largest cryptocurrency exchange sites. So big and trusted, it’s the first cryptocurrency exchange to be added to the US S&P 500. I’ve been a Coinbase member from the beginning, so this email got my attention. I was pretty skeptical from the start, and upon further exploration, it was definitely a scam.

Must-Have Fintech Security Tools for CTOs

Fintech CTOs aren’t short on tools; they’re short on the right ones. Between fast-moving DevOps pipelines, open banking integrations, and cloud-native architectures, security often lags behind innovation, not due to negligence, but because traditional tooling fails to keep up. Modern fintech threats like API abuse, IAM misconfigurations, and privilege escalations don’t wait for quarterly audits. They exploit real-time gaps between development and security operations.

How Fidelis Elevate Achieves Active Threat Detection

Modern security teams face a dual challenge: they’re bombarded with alerts while still missing critical signals that indicate real threats. Fidelis Active Threat Detection tackles this problem by correlating weak signals across multiple phases of attacks, transforming them into actionable intelligence. Let’s examine the technical mechanics behind this capability within the Fidelis Elevate platform.