Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Trustwave SpiderLabs has assessed with high confidence that the threat group Blind Eagle, aka APT-C-36, is associated with the Russian bulletproof hosting service provider Proton66. Blind Eagle is a threat actor actively targeting organizations across Latin America, with a notable focus on Colombian financial institutions.

Having email on the dark web is disturbing and more indicative of the fact that you are a target for cybercriminals. If your email address has been found in leaks stemming from a major data breach or somewhere due to unkept security, it makes you more vulnerable to identity theft, financial fraud, or personal extortion. But exactly what happens if your email is on the dark web?

AI and automation hold massive potential, but they can’t come at the expense of trust and control. That perspective, shared by Jerry Silva of IDC during our Financial Services Summit 2025 keynote, underscores a central tension in financial services: How do we adopt transformational technologies without undermining the very controls that define our industry? For decades, firms have operated under a familiar set of rules about compliance, security, data management, and efficiency.

As cyber threats grow in frequency and sophistication, organizations are increasingly turning to managed security services to help monitor, detect, and respond to attacks. Two prominent security solutions have emerged to these needs: Managed Detection and Response (MDR) and Managed Extended Detection and Response (MXDR). While both aim to enhance an organization's ability to detect and respond to threats, they differ significantly in scope, capabilities, and suitability for various environments.

In today’s hybrid and multi-cloud environments, piecemeal identity tools can create a messy, difficult solution set. That’s why top analysts at KuppingerCole are identifying vendors that offer more than standalone solutions—they’re recognizing those that deliver a true identity fabric. We’re proud to share that in the 2025 KuppingerCole Leadership Compass for Identity Fabrics, One Identity has been named an Overall Leader in this evolving space.

FedRAMP has strict requirements for the security of the companies looking to earn their certification. Among the many requirements you need to navigate are tests from your C3PAO, simulating malicious actors and common threat vectors. In order to understand what you need to do to pass, it’s worth going over what penetration testing is, what red teaming is, what the scope of FedRAMP pen testing includes, and what the rules of engagement encompass.