Mexico is in the middle of a digital revolution.Nearshoring, cloud adoption, e-commerce expansion, and AI-driven automation have helped transform everything from manufacturing plants in Monterrey to financial institutions in Mexico City. In just the last five years, Mexico has seen explosive growth in digital platforms and smart infrastructure, fueling economic momentum and global competitiveness...

As digital transformation sweeps across the healthcare sector, there has never been more at stake. Healthcare data is worth a lot on the black market. Unlike financial data, which has a short shelf life (accounts can be frozen, and fraud alerts issued), medical records stay fresh for a long time.They contain a host of personal information, like medical histories, insurance data, and payment...

According to a report, 71% of energy industry professionals consider their organizations more vulnerable to OT cyber events than ever. These are private organizations, but the stakes are much higher for government-owned systems.Government-owned energy systems such as national grids, nuclear facilities, pipelines, and strategic reserves are foundational to national sovereignty and public welfare.In...

Adopting Continuous Deployment, an extreme form of software delivery automation, can drastically speed up software delivery, but it also introduces critical security challenges. Some of the most severe, global-scale security breaches of recent years (Solarwinds and Kaseya are just two examples) were related to breaches in software delivery infrastructure.Continuous deployment has the potential to...

What is the Interlock ransomware?Interlock is a relatively new strain of ransomware, that first emerged in late 2024. Unlike many other ransomware families it not only targets Windows PCs, but also systems running FreeBSD.If you are impacted, you will find that your files have not only been encrypted but have also had ".interlock" appended to their filenames. For example, a file named report.xlsx...

In January of this year, significant changes to the HIPAA Security Rule were proposed by the Office of Civil Rights for the Department of Health and Human Services (OCR).The proposed update to the HIPAA Security Rule, published on January 6, 2025, introduces a significant new requirement: all covered entities and business associates must conduct penetration testing of their electronic information...

For the fourth year running, in 2025, the IBM X-Force Threat Intelligence Index crowned the manufacturing sector as the number one targeted industry for cybercrime, representing 26% of incidents. The problem is so bad that manufacturing has even managed to defy malware's decline, with attackers exploiting the industry's legacy technology to deploy ransomware at a massive scale. But why is the...

The UK is facing the same evolving digital challenges as the rest of the world, and its new Cyber Security and Resilience Bill is designed to not only help it catch up - but stay ahead.Attackers change their tactics all the time. Without an agile, living framework that gives lawmakers some breathing room, adversaries could easily outstrip the clunky government processes that govern cybersecurity ...

Cybercriminals are getting smarter. Not by developing new types of malware or exploiting zero-day vulnerabilities, but by simply pretending to be helpful IT support desk workers.Attackers affiliated with the 3AM ransomware group have combined a variety of different techniques to trick targeted employees into helping them break into networks.It works like this.First, a company employee finds their...

Attackers have made a decisive switch toward stealthy, identity-centric attacks. Forget breaking in – modern cybercriminals simply log in. And that should be a concern.According to the IBM X-Force 2025 Threat Intelligence Index, nearly one-third of intrusions in 2024 were initiated not through sophisticated attacks, but through valid account exploitation.Moreover, phishing-delivered infostealers...

Recent research by Comparitech reveals the shocking truth about ransomware attacks on government entities; they have a longer impact than anyone thought. Tracking over 1100 government-targeted ransomware attacks over a period of six years, researchers discovered that each day of downtime cost entities nearly $83,600, and that in each attack the downtime lasted for an average of 27.8 days.Compared...

The proliferation of Internet of Things (IoT) devices - more specifically, security cameras - has forced organizations to rethink how they protect their physical hardware.Security cameras represent some of the most common IoT devices installed in business and commercial environments. Recent estimates suggest the smart camera market is expected to grow at an astronomical rate, reaching a potential...

There are ghosts in the machine.Not the poetic kind. I mean literal, running-code-with-root-access kind. The kind that was set up ten years ago by an admin who retired five jobs ago. The kind that still wakes up every night at 3:30 a.m.; processes something no one remembers, and then quietly vanishes into the system logs. Until, of course, something goes wrong—or someone takes advantage of it...

A new era of inconceivably fast quantum machines is not far away, with computers almost ready to completely transform the way we solve problems, communicate, and compute. However, this transformation is not all positive, and the cybersecurity industry fears that functional quantum computers will be able to break even the strongest encryption we have today, rendering today's security infrastructure...

The Health Insurance Portability and Accountability Act (HIPPA) was established to protect patient privacy and secure health information. While it has been around for nearly two decades, it is evolving to keep up with an increasingly digital world and in response to the skyrocketing number of cyber attacks the industry sees every year.On December 27, 2024, the Department of Health and Human...

Today’s Patch Tuesday Alert addresses Microsoft’s May 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1156 as soon as coverage is completed.In-The-Wild & Disclosed CVEsCVE-2025-32706A vulnerability in the Windows Common Log File System (CLFS) Driver could allow a malicious actor to elevate their privileges to SYSTEM. Microsoft has...

According to the NIS Directive, Member States should adopt a common set of baseline security requirements to ensure a minimum level of harmonized security measures across the EU and enhance the overall level of security of operators providing essential services (OES) and digital service providers (DSP). The NIS Directive sets three primary objectives:to improve the national information security...

Tripwire's April 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.Up first on the list are patches for Microsoft Edge (Chromium-based) and Google Chromium that resolve 11 issues including remote code execution and improper implementation vulnerabilities.Next on the list are patches for Microsoft Office, Excel, Word, and OneNote. These patches...

Cybersecurity threats continue to evolve, posing very real risks to organizations, and nowhere is this risk more pronounced than in entities that handle a nation’s critical infrastructure, as these attacks put public health and safety at risk, harm the environment, or disrupt critical services.The Gulf Cooperation Council (GCC) region plays a vital role in the petroleum industry, with Saudi Arabia...

Cyber incidents are always going to be present. Regardless of whether you’re working for a startup or a corporation, malicious software can target you and your business. This is why it’s important to work closely with cybersecurity incident response teams and have such protocols in place.The lifecycle of a cybersecurity incident starts way before it happens with good preparation. However, the...