How to get started with Cloud Security Management on Azure
Learn how to quickly set up Cloud Security Management on Azure.
Exploited! Kentico Xperience Staging Service Authentication Bypass Vulnerabilities (CVE-2025-2746 & CVE-2025-2747)
Recently, two critical security flaws were discovered in Kentico Xperience 13, a popular digital experience platform (CMS). Tracked as CVE-2025-2746 and CVE-2025-2747, these vulnerabilities allow unauthenticated attackers to bypass the Staging Sync Server’s authentication, potentially gaining administrative control over the CMS.
Understanding NTLM and Kerberos: Key Differences and Use Cases
Connecting all your company resources in a network for sharing is valuable, but you need a way to verify that only authorized users and devices can access these resources. Authentication serves this purpose by providing methods for users and devices to prove their identity. In Windows environments, two main authentication protocols are used: NTLM (New Technology LAN Manager) and Kerberos. In this article we will discuss NTLM vs Kerberos and show why it is important to implement Kerberos if possible.
Frag explodes onto the scene - New DLS emerges for Frag ransomware
In 2024, Cyjax observed the emergence of 72 extortion and ransomware group data-leak sites (DLSs). As of late March 2025, Cyjax has identified DLSs for 21 new groups this year, as noted in recent blogs on Morpheus, GD LockerSec, Babuk2, Linkc, Anubis, and Arkana. The latest DLS Cyjax has identified is named Frag, which constitutes one of 14 new DLSs identified in March 2025 alone.
How to use Datadog Cloud Security Management
Learn how to identify and remediate your top cloud security risks using Datadog's Cloud Security Management.
How to Build a Mature Vulnerability Management Program
The terms “patch management” and “vulnerability management“ are not the same. And that difference is a big difference. They may be confused because applying patches is one of the many ways to mitigate cyber risks. However, it is one piece of the entire vulnerability management puzzle and organizations that do not realize this are burdened with a false sense of security.
The True Cost of Failure to Comply with NIS2
Cybersecurity regulations are constantly evolving to keep pace with emerging cybersecurity risks, and the Directive on Security of Network and Information Systems (NIS) is no exception. The introduction of NIS2 in December 2022 reshaped the compliance landscape across the EU, and organizations that don’t meet its requirements risk facing far more than just regulatory fines. The true cost of NIS2 non-compliance can be devastating, affecting not only finances but also business continuity and trust.
How to use Cloud Security Posture Management
Learn how to detect and remediate infrastructure misconfigurations using Cloud Security Management.
