The 3 Types of Criminal Hackers

Criminal hacker groups fall into three broad camps, from ideologically driven actors attacking targets they dislike, to profit focused crews and state backed operators hiding behind deniability. Money driven groups dominate the landscape, yet all three types break systems, disrupt services and shape the threat model security teams face. ⸻ For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion..

The best risk management software for 2026

For many organizations, risk management is still stuck in the past—reliant on spreadsheets, manual reviews, and static registers that go stale shortly after they’re created. Without clear ownership or automation, treatment plans linger, and accountability slips. Risks remain fragmented across departments, disconnected from business impact and board visibility. ‍ At the same time, emerging threats are evolving faster than ever.

Teams sprawl: Managing Microsoft Teams proliferation

Teams sprawl is one of the most overlooked security risks in Microsoft 365 environments. When all your employees can create teams on demand, without approval, naming conventions, or expiration policies, the result is hundreds of ungoverned workspaces with no clear ownership, inconsistent naming, and scattered data. That governance gap creates measurable risk.

LevelBlue's Managed Detection and Response (MDR) Helps Unify Your Cyber Defense

A fragmented collection of security tools and services can’t deliver the protection modern organizations require. True resilience comes from integrating those capabilities into a unified, coordinated defense. LevelBlue recognizes that the full value of Managed Detection and Response (MDR) is realized when it operates as more than a standalone service. When positioned as the central nervous system of a broader security ecosystem, MDR connects signals, actions, and intelligence across the environment.

The Future of AI Agent Security Is Guardrails

If you've been paying attention to the AI agent space over the past few months, you've probably noticed a pattern: every week brings a new story about an AI agent doing something it absolutely should not have done: reading private emails, exfiltrating credentials, or executing shell commands that a human would have never approved. The OpenClaw saga alone gave us exposed databases, command injection vulnerabilities, and a $16 million scam token, all in the span of about five days.

How to Implement Separate B2B and B2C Login & Onboarding in Shopify

Shopify stores are evolving beyond simple retail operations. What once was a primarily consumer-focused platform is now powering complex B2B experiences with tiered pricing, customer groups, and negotiated catalogs catering multiple B2B vendors and companies. However, as stores diversify their audiences, authentication becomes a critical pain point. A login flow designed for retail customers might be fast and convenient.

A Match Made in Heaven: How Valentine's Day Fuels Seasonal Phishing Attacks

Valentine’s Day runs on emotion. Surprise, urgency, curiosity, trust, love. For threat actors, that combination is hard to beat. Every year in mid-February, security teams see the same pattern. Phishing campaigns pick up. Brand impersonation increases. Fraud attempts follow close behind. It is not because attackers suddenly developed new techniques.

Exploitability Isn't the Answer. Breakability Is.

Why don’t developers fix every AppSec vulnerability, every time, as soon as they’re found? The most common answer? Time. Modern security tools can surface thousands of vulnerabilities in a given codebase. Fixing them all would take up a development team’s entire capacity, often competing with feature development and other priorities.

The ultimate match: Why integrated services make protection stronger for MSPs

Valentine’s Day is all about perfect pairs, and in cybersecurity, nothing creates more operational harmony than natively integrated services working together. That’s where unified cyber protection shines. Whether it’s the synergy of RMM and EDR, RMM and backup or email security and security awareness training, natively integrated cyber protection delivers efficiency and resilience that standalone tools can’t match.