Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Marbled Dust exploits a zero-day vulnerability in Output Messenger, a sophisticated phishing campaign uses Horabot malware, and TA406 shifts its targeting behavior.

The summer travel season is almost here, and travelers worldwide are in the process of booking their holidays, thus placing some of their most vital personal and financial information into the hands of the hospitality industry. A fact not lost to threat actors who thrive on gaining access and stealing this data.

The boy who cried wolf goes back to a fable where a shepherd boy mocked the other villagers by telling them that a wolf was attacking the flock. The villagers believed him at first, but he was just laughing with them. When the shepherd boy repeated his joke, villagers started to ignore him and at some point a real wolf comes and attacks the sheep. The boy ‘cried wolf’ but nobody believed him anymore.

Attackers have made a decisive switch toward stealthy, identity-centric attacks. Forget breaking in – modern cybercriminals simply log in. And that should be a concern. According to the IBM X-Force 2025 Threat Intelligence Index, nearly one-third of intrusions in 2024 were initiated not through sophisticated attacks, but through valid account exploitation.

Online fraud remains a significant and rapidly expanding threat in today's cyber threat landscape. According to the FTC, consumers in the U.S. lost a staggering $12.5 billion to fraud in 2024, a 25% surge from the previous year. The most commonly reported category? Imposter scams. This difficult-to-intercept form of fraud alone accounted for $2.95 billion of those losses.

By now we’re all familiar with the capabilities of generative AI for creating images. For some tasks, like casting an existing image in a recognizable art style, it works well. Much more than that and it encounters limitations: complex prompts often don’t return exactly what you imagined and iterating on a failed prompt can quickly become time-consuming.

Calico provides a unified platform for all your Kubernetes networking, network security, and observability requirements. From ingress/egress management and east-west policy enforcement to multi-cluster connectivity, Calico delivers comprehensive capabilities. It is distribution-agnostic, preventing vendor lock-in and offering a consistent experience across popular Kubernetes distributions and managed services.

Asset discovery and risk mapping represent fundamental components of effective cybersecurity operations. Organizations face significant challenges in maintaining accurate inventories of their IT assets across on-premises, cloud, container, and IoT environments. Deception technology provides technical capabilities that enhance asset discovery while delivering actionable risk intelligence based on adversary behavior.

This month marks an exciting milestone – LevelBlue’s first anniversary. One year ago, we launched with a clear mission: to simplify cybersecurity and help organizations achieve meaningful, outcome-driven security in an increasingly complex threat landscape. Now, a year in, I’m incredibly proud of how far we’ve come.