Organizations continue their digital transformation, with APIs now serving as the main communication links between applications, platforms, services, and partners. The widespread use of APIs...
Today marks a strategic leap forward in LevelBlue’s mission to become the most complete cybersecurity partner on the market. I’m excited to announce that LevelBlue has entered into a definitive...
Cybersecurity Awareness Month (CAM): Learn how partnering with an MSSP helps organizations meet the foundational security goals recommended by CISA. Managed Security Service Providers (MSSPs):...
This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs Threat Operations team on major threat actor groups and malware currently...
Cloud computing is now central to company operations, but it can also be an opportunity for hackers. As of late last year, 80% of organizations experienced more frequent cloud attacks.[1]...
It’s bad enough that organizations must worry about threat actors launching phishing attacks, injecting ransomware, or exploiting vulnerabilities; now, there is a new attack variant on the loose....
This piece is part of a monthly series by Carisa Brockman and Bindu Sundaresan exploring the evolving world of AI governance, trust, and responsibility. Each month, we look at how organizations...
LevelBlue was recognized as a Major Player in the IDC MarketScape: Worldwide Extended Detection and Response Software 2025 Vendor Assessment ( September 2025, IDC #US52997325e.) This recognition...
Posted by Lyubov Farafonova, Product Manager, Phone by Google; Alberto Pastor Nieto, Sr. Product Manager Google Messages and RCS Spam and Abuse; Vijay Pareek, Manager, Android Messaging & Chrome...
Peter Williams, a former general manager at U.S. defense contractor L3Harris Trenchant, has pleaded guilty in U.S. District Court to stealing and selling confidential cybersecurity information to...
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance to help IT administrators harden Microsoft Exchange servers on their...
Infosec agency warns hacktivists broke into critical infrastructure systems to tamper with controls Hacktivists have breached Canadian critical infrastructure systems to meddle with controls that...
Why Securing Critical Infrastructure Requires a Modern Approach
Cross-Site Request Forgery (CSRF) vulnerability (CVE-2025-10317) has been found in OpenSolution Quick.Cart software.
Interesting article about the arms race between AI systems that invent/design new biological pathogens, and AI systems that detect them before they’re created: The team started with a basic test:...
Tenable Cloud Security unifies visibility across code, build, and runtime stages. It correlates vulnerabilities, identities, and misconfigurations to prioritize exploitability and automate...
Biz says 'technical error' caused short-lived leak affecting small number of users A major UK lottery organization says it has resolved a technical error that exposed customer data to other users.…
A critical security vulnerability in Redis’s Lua scripting engine has left thousands of database instances vulnerable to remote code execution attacks. The RediShell RCE vulnerability, tracked as...
What if the secret to unlocking global business growth wasn’t more money but smarter, affordable tools that companies of all sizes could use? Artificial intelligence (AI) is redefining industries,...
CISO-CEO tension and unclear authority under duress are imperiling incident response. CISOs must establish not only clear response plans but also leadership alliances centered on business value,...
Governments eye comms alternatives as sovereignty worries mount Comment Decentralized communications network Matrix is hoping to be the beneficiary as European public and private sector...
Google Threat Intelligence Group is investigating a series of attacks linked to a hacker targeting a critical vulnerability in Windows Server Update Service, Cybersecurity Dive has learned. Threat...
AI agents now make decisions and access systems on their own, creating identity blind spots traditional tools can't see. Learn how Token Security brings identity-first security to agentic AI —...
Families that combine open communication with effective behavioral and technical safeguards can cut the risk dramatically
Microsoft has addressed a critical privilege escalation vulnerability affecting Windows environments worldwide. Attackers can exploit misconfigured Service Principal Names (SPNs) combined with...
Learn how to build your own dynamic binary instrumentation (DBI) tool with open-source DynamoRIO to enable malware analysis, security auditing, reverse engineering, and more.
Hackers are abusing LinkedIn to target finance executives with direct-message phishing attacks that impersonate executive board invitations, aiming to steal their Microsoft credentials. [...]
Industrial system vulnerability research experts discuss threats associated with over-the-air data transmission technologies, attack vectors targeting electric vehicles specifically, the evolution...
Microsoft addressed a critical race condition vulnerability affecting its Windows Cloud Files Minifilter driver in October 2025. The flaw, assigned CVE-2025-55680, was originally discovered in...
Microsoft 365 companion apps will be getting more Copilot features in the coming weeks. [...]