Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Back in 2022, PCI DSS v4.0 set the stage for a new era of payment security. For the first time, it asked organizations to look beyond their servers and into the browser itself. Then, on April 1, 2025, the “future-dated” requirements, 6.4.3 and 11.6.1, moved from guidance to mandate, decisively shifting attention to mitigating client-side risk. In plain English, the spotlight is now on what’s happening in the browser.

As Anti-Virus and EDR solutions improve in detection and response capabilities, the job of a red teamer can become quite arduous. Malware payloads and techniques that once dominated networks have failed the test of time as EDR becomes aware of them. If your initial access payloads are detected immediately, your six-week long red team could be dead on arrival.

The systemic nature of software supply chain attacks is growing more complex, creating a critical tension between speed and security. The Israeli National Cyber Directorate’s (INCD) recent “Breaking the Chain” report validates that the most significant threats live outside your first-party code, highlighting a crisis of trust in the open-source-software (OSS) supply chain.

NTLM Relay attacks should be history. Yet in 2025, they remain one of the most effective ways to compromise Active Directory. We first covered this problem back in 2020, when we wrote about a troubling vulnerability that refused to die: NTLM Relay attacks. At the time, many believed NTLM Relay attacks were a relic of the past, an old problem long solved by Kerberos and modern authentication protocols.

Configuration management enforces consistent endpoint and system policies to prevent misconfigurations, reduce risk, and simplify compliance. By establishing secure baselines, automating enforcement, and detecting configuration drift, organizations strengthen their security posture. Netwrix Endpoint Management further enhances protection with automated monitoring, rollback, and compliance alignment to safeguard sensitive data and identity-based access.

Unified Non-Human Identity (NHI) security platform now features integrated Public Monitoring, one-click secret revocation for GitHub/GitLab/OpenAI, and enhanced graph intelligence. Close the attack window with automated remediation and expanded visibility.

The holidays bring joy, celebration, and a flood of scam texts designed to steal your money, data, and peace of mind. Every holiday season brings excitement, and unfortunately, a surge in SMS scams targeting unsuspecting consumers. These scam messages might be tiny, but their impact can be huge, ranging from financial loss to identity theft. According to the U.S. Federal Trade Commission, people reported $470 million in losses from text-based scams in 2024, a fivefold increase since 2020.

Privileged accounts are often treated as background plumbing until something goes wrong. They sit across cloud consoles, databases, and pipelines and have the power to alter configurations or bring production to a halt, making them a favorite target of bad actors. Credential theft surged 160% in 2025, making stolen identities one of the fastest-growing attack vectors.

New research out of AhnLab documents the Cephalus ransomware group has been aggressively exploiting stolen Remote Desktop Protocol (RDP) credentials to break into networks and execute rapid, destructive encryption campaigns. The pattern is straightforward and brutal: credentials get you in, and once inside the attackers move fast to blind and break recovery.

Cyber attacks are often associated with cybercriminals, but how do they manage to breach organizations with high-tech security systems? There are always some loopholes left by mistake or through malicious intent that allow attackers to exploit vulnerabilities. This is known as an insider threat. The problem with insider threats is that they are difficult to spot and cause more damage because they come from trusted insiders with legitimate access.