Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Teleport 17 marks our final major release of the year, bringing significant enhancements to our platform. In the six months since Teleport 16, we've not only developed this major release but also introduced several valuable features through minor and patch updates. A core theme for this release is scalable, secure, and resilient infrastructure access. This starts with our expanded focus on AWS Access. Teleport 17 includes preview support for AWS IAM Identity Center.

The explosive growth of computing infrastructure has ushered in a new era of complexity for engineering, infrastructure, and security teams. Managing access, identities, and policies across thousands—or even tens of thousands—of resources such as physical servers, multi-cloud platforms, and web apps is no small feat in itself.

ROPA is primarily utilized by organizations subject to data protection regulations. While it is a legal requirement for businesses of all sizes handling personal data, it is especially critical for large enterprises that process substantial volumes of data or sensitive information. Compliance officers, data protection officers (DPOs), legal teams, and IT departments often rely on ROPA to demonstrate compliance to regulators during audits or investigations.

SenseOn has detected a large increase in the Lumma Stealer malware targeting customers over the past few months. Unlike traditional malware strains, Lumma Stealer has been leveraging a unique, and increasingly effective, access vector of fake CAPTCHA verification prompts. These deceptive prompts trick users into running malicious commands on their device eventually injecting malicious processes into legitimate programs. This attack vector is expected to become even more prevalent throughout 2025.

Vendors increasingly claim to offer SecOps platforms. Yet, their solutions are so different from each other that buyers find themselves wondering what the term “SecOps platform” even means. We’d like to give a straightforward answer to that question.

A look back at 2024: A year of breakthroughs, advancements, and unwavering commitment to elevating NHI and secrets security for organizations.

The AI space is developing rapidly but is still largely uncontrolled. According to The State of Trust Report 2024, 62% businesses plan to invest more in AI security in the next 12 months. ‍ The good news is that AI security can now be better implemented with the help of many authoritative new AI standards and frameworks rolled out in the past few years. The aim with any of these standards is to remove the uncertainty around AI systems and ensure responsible implementation.

Fuzz testing is most commonly classified based on its analysis approach. The two main categories of fuzz testing solutions are white-box and black-box fuzzers. In this blog, we explain the difference between approaches as well as their main features.

TL;DR: The new EU cybersecurity directive, NIS2, is already reshaping how software suppliers do business through stricter vulnerability management requirements in procurement contracts. This shift is gaining momentum, and more companies will need to adapt. Aikido helps automate compliance reporting and vulnerability tracking to meet these new demands. Start your free compliance journey here, or read on to understand what this means for your business.

The year 2025 started with a bang, with these cybersecurity stories making headlines in the first few days: As the global threat landscape intensifies, the need for in-depth research and information sharing has never been greater. Our mission at CyberArk Labs is to empower cyber defenders with threat insights that help strengthen their identity security strategies.