Amid a surge in cryptocurrency-related cybercrime, MITRE has unveiled AADAPT (Adversarial Actions in Digital Asset Payment Technologies), a brand-new framework designed to shore up cybersecurity weaknesses within digital financial systems such as cryptocurrency.How Does AADAPT Work?Following the construction of MITRE ATT&CK, AADAPT offers a methodology for identifying, analyzing, and mitigating...

A recent report states that Indian healthcare institutions face a total of 8,614 cyberattacks every week. That is more than four times the global average and over double the amount faced by any other industry in India.If the feeling was in the air before, the numbers leave no doubt; India’s healthcare sector is an irresistible target for today’s attackers.Indian Healthcare Leads the Pack in Rising...

Shadow IT is one of the most pressing issues in cybersecurity today. As more employees use unsanctioned browser extensions, productivity plugins, and generative AI tools, organizations are exposed to more risk.When these tools enter the environment without IT’s knowledge, they can create data exposure points, introduce new vulnerabilities, and make it easier for attackers to find privileged access...

We all know where vulnerability management fits into an overall security strategy; it provides the raw data that analysts use to figure out what’s wrong and what needs to be fixed. The problem is, traditional VM stops there – leaving analysts to do all the work.Today’s companies don’t have the luxury of doing that anymore. Experts are needed on the front lines, not vetting false positives, and VM...

Last year, Mexico was hit with 324 billion attempted cyberattacks, lending credence to the World Economic Forum's report that the country is the recipient of more than half of all cyber threats in Latin America.This does not bode well for the nation projected to rank 15th in world economies this year. The imperative is clear: Mexico and the businesses it supports need to bolster cybersecurity...

IoT is everywhere, quietly powering everything from smart thermostats in homes to complex systems in industrial networks. While these devices bring incredible convenience and innovation, they also open the door to significant cybersecurity risks, especially in manufacturing and similarly sensitive sectors.The longer devices stay online, the more likely they are to become vulnerable due to outdated...

As the European Cyber Resilience Act (CRA)'s enforcement date approaches (October 2026), cybersecurity requirements on manufacturers, developers, and service providers responsible for software and hardware connected to the internet will need to start thinking - if they haven't already -about what they need to do to comply. It may seem like a long time off, but the earlier you start, the better...

The cranes that move goods in and out of America's busiest ports (some of the most essential components of our national logistics chain) are under growing scrutiny.In a newly issued MARSEC Directive 105-5, the U.S. Coast Guard has raised red flags about the cybersecurity risks that come with ship-to-shore (STS) cranes manufactured in China. These cranes, mostly produced by state-owned enterprises...

COBOL remains deeply embedded in the infrastructure of global enterprises, powering critical systems in banking, insurance, government, and beyond. While its stability and processing efficiency are unmatched, legacy environments running COBOL face a growing challenge: Security.As cyber threats evolve and legacy systems continue to age, COBOL-based mainframes present attractive targets due to their...

When was the last time you updated your router? If you’re not sure, you’re not alone, and this uncertainty could pose a serious risk to your business.The FBI recently warned that malicious actors are targeting end-of-life (EOL) routers (network devices that manufacturers no longer support or update). These outdated routers are being hijacked by bad actors who use them as a stepping stone into...

Cyberattacks on public infrastructure are no longer hypothetical. From ransomware disabling city services to foreign actors probing utility networks, the risks are real and rising. Among the most vulnerable targets are our public water systems. Often underfunded, technologically fragmented, and encumbered by legacy systems, water utilities are easy pickings for determined attackers.In recent years...

Ever wondered what really drives today's cyberattacks? It's not always just about stealing data or demanding a ransom. Motives can vary widely depending on the attacker, their intent, and their capabilities.In the most simple terms, a cyberattack is a malicious intent to access, steal, expose, or destroy data and systems without authorized access. Every attack typically involves a motive or goal,...

Picture this: You’re at the supermarket, looking for your favorite brand of cereal. But the shelves are empty, staff are frazzled, and the checkout terminals are flickering ominously. That’s not just a supply chain hiccup, it’s a direct result of the latest wave of cyberattacks targeting the UK’s biggest grocery chains.In 2025, major retailers like Co-op, Marks & Spencer, and Harrods found...

As a cybersecurity expert, you are aware that performing static scans is only one part of a good defense-in-depth strategy. Similarly, periodic vulnerability assessments, while valuable, are only a single piece of cyber defense fortification. Continuous Threat Exposure Management (CTEM) establishes a logical setting to control organizational threats proactively. CTEM enables an augmented...

Web Application Firewalls (WAFs) have long served as the front line of defense for web applications, filtering out malicious traffic and enforcing security policies. But as threats grow more sophisticated and application environments become more dynamic, many are questioning whether traditional WAFs are still up to the task. In 2025, with the rise of cloud-native applications, APIs, and machine...

Mexico is in the middle of a digital revolution.Nearshoring, cloud adoption, e-commerce expansion, and AI-driven automation have helped transform everything from manufacturing plants in Monterrey to financial institutions in Mexico City. In just the last five years, Mexico has seen explosive growth in digital platforms and smart infrastructure, fueling economic momentum and global competitiveness...

As digital transformation sweeps across the healthcare sector, there has never been more at stake. Healthcare data is worth a lot on the black market. Unlike financial data, which has a short shelf life (accounts can be frozen, and fraud alerts issued), medical records stay fresh for a long time.They contain a host of personal information, like medical histories, insurance data, and payment...

Adopting Continuous Deployment, an extreme form of software delivery automation, can drastically speed up software delivery, but it also introduces critical security challenges. Some of the most severe, global-scale security breaches of recent years (Solarwinds and Kaseya are just two examples) were related to breaches in software delivery infrastructure.Continuous deployment has the potential to...

What is the Interlock ransomware?Interlock is a relatively new strain of ransomware, that first emerged in late 2024. Unlike many other ransomware families it not only targets Windows PCs, but also systems running FreeBSD.If you are impacted, you will find that your files have not only been encrypted but have also had ".interlock" appended to their filenames. For example, a file named report.xlsx...

In January of this year, significant changes to the HIPAA Security Rule were proposed by the Office of Civil Rights for the Department of Health and Human Services (OCR).The proposed update to the HIPAA Security Rule, published on January 6, 2025, introduces a significant new requirement: all covered entities and business associates must conduct penetration testing of their electronic information...