To counter sophisticated modern threats, LevelBlue is partnering with Fortra to integrate Fortra’s best-in-class solutions with LevelBlue’s elite managed services, delivering a comprehensive security offering. As part of this long-term partnership, LevelBlue will acquire the managed services of Fortra’s Alert Logic Managed Detection and Response (MDR), Extended Detection and Response (XDR), and Web Application Firewall (WAF) solutions.

In the race to innovate, software has repeatedly reinvented how we define identity, trust, and access. In the 1990's, the web made every server a perimeter. In the 2010's, the cloud made every identity a workload. Here in 2026, agentic AI makes every action autonomous.

There are numerous ways of carrying out cyberattacks. Identity is now one of the most common ways attackers gain access to systems. Instead of malware or exploits, attackers rely on stolen credentials or reused passwords. They abuse permissions to carry out sophisticated attacks that appear normal on the surface. Basic monitoring tools cannot detect these attacks. Identity misuse is becoming more common. Many organizations now work across cloud services and remote access.

On January 29, 2026, Ivanti released fixes for two critical zero-day code injection vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). The vulnerabilities, tracked as CVE-2026-1281 and CVE-2026-1340, impact the In-House Application Distribution and Android File Transfer Configuration features and allow unauthenticated remote threat actors to achieve remote code execution.

During routine Dark Web Monitoring activities, Our Threat Intelligence Team identified a newly active ransomware operation calling itself The Green Blood Group. The group operates a dedicated Tor-based leak site and follows a double-extortion model, threatening public disclosure of victim data when negotiations fail. The screenshot shown above captures the group’s Tor portal in its current state.

CVE-2026-24858 is a critical authentication bypass vulnerability(CWE-288: Authentication Bypass Using an Alternate Path or Channel) in Fortinet products. It affects FortiOS, FortiAnalyzer, FortiManager, and potentially FortiProxy. An attacker with a FortiCloud account and registered device can log into devices registered to other accounts if FortiCloud SSO is enabled. Disclosed January 27, 2026, as actively exploited zero-day. CVSS 9.4 (some sources cite 9.8).

For lean teams, ISO 27001 can feel like a lot to take on. You’re expected to set up a formal security program, assess risks, write and maintain a long list of policies, and have audit-ready proof on hand—often without a large security or compliance headcount. ‍ On top of that, manual work and outside consultants can get expensive fast, pulling founders, engineers, and operators away from building the product and growing the business.