Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.

NIST hardening standards and best practices refer to a collection of guidelines and recommended methods created by NIST (National Institute of Standards and Technology). These standards are crafted with the intention of strengthening the security and robustness of information systems. They serve as a structured approach for organizations to fortify their systems against possible security vulnerabilities and the risks associated with them.

The U.S. Department of Health and Human Services (HHS), the governmental body responsible for enforcing and overseeing the Health Insurance Portability and Accountability Act (HIPAA) proposed updates in December 2024, which were added to the Federal Register for comments on January 6th. These updates include changes to the Security Rule, looking to enhance cybersecurity to align with evolving security standards.

Cybersecurity has become a paramount concern for organizations across all sectors in the rapidly evolving digital landscape. As technology leaders, we recognize that while technological defenses are crucial, the human element often represents the most significant vulnerability. Implementing comprehensive security awareness training (SAT) is essential to fortify this human firewall, mitigate risks, and cultivate a security-conscious organizational culture.

CVE-2025-24813 is a critical vulnerability (CVSS base score of 9.8) affecting Apache Tomcat, a widely used open-source web server and servlet container. This issue affects Apache Tomcat: In this blog, we’ll simulate an attack and look at the activity within Graylog. Throughout the analysis, and at the conclusion of the post, we’ll provide practical threat-hunting and detection strategies you can implement in your own environments.

Using “123456” for a password isn’t the only mistake people make when creating login credentials, although this bit tends to get all the press due to the generally absurd choices made. What many people forget or overlook is the importance a unique username plays in keeping accounts secure.

Initial access brokers (IABs) form a key part of the cybercriminal ecosystem. They facilitate access for ransomware groups, data leakers, and advanced persistent threat groups (APTs) into corporate networks. They are highly specialised, professional, and operate in an established, lucrative market which is often characterised by rigid rules and conventions. Every ransomware incident or data breach begins with initial access, following the reconnaissance phase of an attack.

APIs are the backbone of modern apps, but they also introduce some serious security risks. Attackers are constantly on the lookout for vulnerable APIs, shadow APIs, zombie APIs, and exposed sensitive data—all of which are tough to track if you don’t have the right tools in place. That’s why we’ve teamed up with CrowdStrike to make API security easier, faster, and more powerful than ever.

A phishing-as-a-service (PhaaS) platform dubbed ‘Lucid’ is driving a surge in SMS phishing (smishing) attacks, according to researchers at Prodaft. The platform is operated by Chinese cybercriminals who offer access to the service under a subscription model. A Lucid subscription allows crooks to easily craft sophisticated, targeted phishing campaigns.

Steam was the most impersonated brand in phishing attacks during the first quarter of 2025, according to a new report from Guardio. The researchers note that the gaming platform’s surge to the top comes as “a bit of a shock.” “Historically, the spot has been dominated by the usual suspects - big tech companies like Meta, Microsoft, or even USPS,” Guardio says. “But this quarter, it’s Steam, and by a significant margin.