We know that everyone loves a feel-good, optimistic story, and when we set out to write our annual State of the Underground report — an analysis of nearly 2 billion intelligence items that we collected in 2024, including posts from underground forums and markets, Telegram messages, and news articles — we hoped to find the cyber equivalent of a cup of hot chocolate.

Recently, industry analyst Jon Oltsik outlined a critical shift underway in cybersecurity: the move toward a threat-informed defense. As Oltsik describes, organizations are beginning to strengthen the intersection of vulnerability scanning and threat intelligence, using AI to bolster asset classification and risk scoring. This evolution is essential as enterprises seek to move beyond fragmented security practices and build a more cohesive exposure management strategy.

Cybersecurity threats continue to evolve, posing very real risks to organizations, and nowhere is this risk more pronounced than in entities that handle a nation’s critical infrastructure, as these attacks put public health and safety at risk, harm the environment, or disrupt critical services. The Gulf Cooperation Council (GCC) region plays a vital role in the petroleum industry, with Saudi Arabia ranking among the world's top 10 oil producers by daily output.

By rating your present AI Maturity level and your desired future state, you can create a focused action plan to move forward confidently and securely. AI adoption doesn’t have to be overwhelming, it just requires a clear, intentional approach.

Infostealers threaten corporate security, Google observes 75 zero-day exploits in 2024, and Gremlin Stealer appears in an underground forum.

You’ve just finished your Microsoft Sentinel deployment and have your shiny new SIEM up and running. Is your job done? Can a SIEM ever really be finished? The answer is “no” because your organization’s needs change, new technologies emerge, and cyber attack vectors constantly evolve.

The expansion of cloud applications and mobile devices has created unlimited endpoints, leaving data vulnerable to security threats. In fact, Cryptographic failures rank no.2 in OWASP’s top 10 web application security risks. Effective cryptographic key management is crucial to protecting data, as a single compromised key could result in a massive data breach. This blog will explain some of the best practices for cryptographic key management.