Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When Amazon Web Services (AWS) initially launched in 2006, it offered the first compute, storage, and database cloud service that developers could build on. Over time, AWS became a fundamental cloud service provider as organizations started migrating to the cloud. As one of the three primary cloud services providers, AWS remains integral to most businesses.

CVE-2025-24813 is a critical vulnerability (CVSS base score of 9.8) affecting Apache Tomcat, a widely used open-source web server and servlet container. This issue affects Apache Tomcat: In this blog, we’ll simulate an attack and look at the activity within Graylog. Throughout the analysis, and at the conclusion of the post, we’ll provide practical threat-hunting and detection strategies you can implement in your own environments.

Like every industry, the manufacturing sector has embraced digital transformation to improve operations. Digital manufacturing uses technologies like Internet of Things (IoT) devices, data analytics, and cloud computing to improve production processes and gain efficiencies. With businesses increasingly embracing digital transformation, they face the challenge of securing interconnected systems.

In cybersecurity, the adage “what’s old is new” continues to hold true as attackers resurface longstanding techniques or repurpose them with new twists and adaptations. The popularization of Living Off the Land Binaries (LOLBins) — legitimate, Windows-native tools commonly abused for malicious uses — is a great example of this.

Industrial facilities increasingly rely on interconnected systems to improve operations. As they implement these technologies into their legacy environments, they create new cybersecurity risks within previously isolated Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) by connecting them to public internet-facing applications.

Think about how your banking app connects to payment processors or how your healthcare provider’s system shares records securely – APIs have become essential for modern digital interactions, enabling applications to communicate and share data effortlessly. However, this convenience comes at a cost: APIs often handle vast amounts of Personally Identifiable Information (PII), making them prime targets for API data exfiltration.

Any company that processes payments knows the pain of an audit under the Payment Card Industry Data Security Standard (PCI DSS). Although the original PCI DSS had gone through various updates, the Payment Card Industry Security Standards Council (PCI SSC) took feedback from the global payments industry to address evolving security needs.

For Star Trek fans, space may be the final frontier, but in security, discovering Application Programming Interfaces (APIs) could be the technology equivalent. In the iconic episode “The Trouble with Tribbles,” the legendary starship Enterprise discovers a space station that becomes overwhelmed by little fluffy, purring, rapidly reproducing creatures called “tribbles.” In a modern IT department, APIs can be viewed as the digital tribble overwhelming security teams.

As cyber threats targeting critical infrastructure continue to evolve, the energy sector remains a prime target for malicious actors. Protecting the electric grid requires a strong regulatory framework and robust cybersecurity monitoring practices. In the United States, the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) play key roles in safeguarding the power system against cyber risks.