Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

These days, securing sensitive data begins with a single word (or, ideally, a few): passwords. In the face of rising cyber threats, the importance of creating, using, and managing secure passwords cannot be overstated. That’s why, each year, the world sets aside the first Thursday in May to recognize World Password Day—an event dedicated to promoting the criticality of password hygiene in both our personal and professional lives.

Organizations operating in today's rapidly changing digital age face mounting threats to the level of security. Deployment of conventional methods to vulnerability management by periodic scans and blanket scoring will no longer be adequate. Instead, strategy should shift direction toward risk-based vulnerability management towards protection of digital assets.

In the vast landscape of cybersecurity, it’s often not the zero-click iPhone exploits or flashy ransomware variants that expose the most users — sometimes it’s the tools we’ve trusted for decades. One such example is CVE-2025-33028, a vulnerability in WinZip, a program that’s been a staple in personal and corporate environments for over 30 years.

In this episode of Security Matters, host David Puner, dives into the world of evolving cyberthreats with Bryan Murphy, Senior Director of CyberArk’s Incident Response Team. Imagine a scenario where an attacker uses AI-generated deepfakes to impersonate your company’s VP of finance, gaining unauthorized access to your environment.

In a previous security bulletin sent by Arctic Wolf on April 17, 2025, we advised of a credential access campaign targeting SonicWall SMA devices along with remediation guidance. As of April 29, 2025, SonicWall has updated their advisories for several vulnerabilities that are now linked to ongoing exploitation in the threat landscape.

On Monday, April 28, 2025, widespread power outages affected large parts of Spain and Portugal. The exact root cause is still under investigation. These disruptions impacted regional infrastructure supporting connectivity, cloud services, and on-site operations.

KeeperPAM enables organizations to achieve complete visibility, security, control and reporting across every user on every device. KeeperPAM is cloud-based, enables zero-trust and zero-knowledge security, and helps your organization meet compliance mandates by unifying four integral solutions into one unified platform and control plane – enterprise password management, secrets management, connection management, zero-trust network access and remote browser isolation.

You can choose to deploy the NAKIVO solution on physical Windows and Linux machines, virtual machines as a virtual appliance, NAS devices. The NAKIVO Backup & Replication preconfigured virtual appliances (VA) are available for both VMware vSphere and Nutanix AHV as well as for Amazon EC2 environments (as an AMI).