Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The reality is clear: passwords remain one of the most-targeted—and most vulnerable—gateways into business IT environments. As cyber threats increase and evolve, relying on outdated password practices simply isn’t enough anymore. This Cybersecurity Awareness Month, let’s modernize our approach and treat password security not as a checkbox, but as a cornerstone of effective cyber resilience.

Torq AMP spotlights the partners redefining what’s possible in security operations. Each partner brings a unique strength that seamlessly extends Torq’s autonomous SOC platform. Together, these partnerships help SOC teams achieve speed, accuracy, and scale that were once out of reach. Explore the future of SOC in the AMP’d Sessions video series. Cloud has changed everything: how we build, how we deploy, and how attackers strike.

The BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) researchers recently analyzed attacks of an adversary targeting users based in Brazil via WhatsApp. The attack lures users into downloading a zip archive. The zip archive contains a shortcut file (.lnk) which ultimately downloads and executes a banking trojan which BlueVoyant researchers have dubbed Maverick internally based off the naming convention used by the attackers.

Researchers at Foresiet are actively investigating a major data leak targeting Red Hat, following claims made by Scattered LAPSUS$ Hunters, who have reportedly joined forces with the Crimson Collective, following claims made by the Scattered LAPSUS$ Hunters, who have reportedly teamed up with the Crimson Collective.

Many teams assume that embedding payment forms in an iframe keeps them compliant with PCI DSS 4.0.1, Requirement 6.4.3. The reasoning sounds logical – compliance seems guaranteed if card data never reaches your infrastructure. However, iframe payment security PCI DSS 6.4.3 doesn’t work on assumptions; it works on control. The responsibility shifts to new layers of your website’s supply chain.

DevSecOps is often discussed as the solution for integrating security into rapid development cycles. Yet, misconceptions about what it is and how it works can prevent teams from adopting it. As an engineering manager, you need to balance speed with quality, and introducing a new methodology can seem disruptive. The truth is, a well-implemented DevSecOps framework doesn’t create bottlenecks; it removes them. It empowers your team to build secure, high-quality software faster.