Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this article, we’ll analyze how threat actors exploit TLS to hide their operations and how defenders can use exposed certificate metadata to detect them. We will discuss: Let’s get started! (This article is part of our Threat Hunting with Splunk series. We’ve updated it recently to maximize your value.)

Software installer packages are a cornerstone of user-friendly software distribution. Tools like Inno Setup, NSIS (Nullsoft Scriptable Install System), and InstallShield help developers bundle their applications into a single, streamlined installer that users can run with just a few clicks. These installers often include everything needed to set up a program, files, configurations, and even system dependencies, making software installation seamless and accessible.

Alex was the kind of IT administrator who kept everything humming smoothly behind the scenes at QuantumAxis Corp. Servers, user accounts, random requests at 4:55 PM on Fridays—he put out the fires and stayed out of the drama. So, when the CISO asked for a “quick chat,” he braced himself. “Alex,” she said, with zero preamble, “we’ve had too many close calls lately.

Scattered Spider has emerged as one of the most disruptive advanced persistent threats in recent years, breaching major organizations across telecom, gaming, transportation, and retail. In the last few months, the group has escalated its activity—targeting financial services and launching coordinated ransomware campaigns that have crippled operations and exposed sensitive data.

Minna Bank (“Minna no Ginko”), Japan’s first digital-native bank and a subsidiary of Fukuoka Financial Group, has announced a landmark initiative to explore how stablecoins and Web3 wallets can transform everyday financial services. In collaboration with Fireblocks, Solana, and TIS, the study will assess the technical and practical applications of stablecoins for real-world payments, trading, and next-generation user experiences.

June sustained the stablecoin momentum, especially in the U.S., where legislation is at the final stretch. Around the world, regulators continued refining crypto intermediary and tokenization frameworks.

As of March 31, 2025, full enforcement of the PCI DSS 4.0 guidelines is now in effect. This latest version introduces critical updates that strengthen payment card data security across digital environments. Among the most notable changes are requirements that target client-side security, an area that has been largely overlooked until now.

Not all log management and log analysis tools are created equal. With organizations like yours generating large amounts of log data, understanding how to manage, analyze, and secure these log files is key for maintaining system performance, meeting compliance requirements, detecting performance issues, and responding to incidents faster.

Author: Bex Bailey Our 2025 Phishing By Industry Benchmarking Report examines why organizations across Asia face some of the highest levels of cybersecurity risk worldwide. In fact, Forrester reveals that organizations in Asia Pacific (APAC) experience an average of 3.5 breaches within a 12-month period versus 2.8 globally. Organizations in the region also experience a cumulative cost of US$2.8 million against the global mean of US$2.7 million.

Many organizations face significant challenges with onboarding teams to a new or existing SIEM. Security teams grapple with escalating expenses tied to data ingestion, storage, and retention at scale. Steep learning curves can make setup an ongoing and frustrating chore, leading to mistakes and gaps in coverage. Further, SIEMs with constrained ecosystem integrations block users from the tools and customizable workflows they need and are comfortable with.