BLOGS
Our insights
Explore expert insights on cybersecurity trends, threats, and strategies to keep your business secure.

Security
Sep 4, 2025
Jaguar Land Rover Cyberattack: Managing Risk in a Connected Automotive World
Jaguar Land Rover’s recent cyberattack highlights how digital threats now disrupt not just IT, but entire manufacturing and supply chain operations. This blog explores key lessons in resilience, supply chain security, and OT protection for today’s connected industries.

Security
Sep 4, 2025
Palo Alto Networks Breach: Lessons from the Salesloft Drift Supply-Chain Attack
Discover how the Palo Alto Networks breach, linked to the Salesloft Drift supply-chain attack, exposed the risks of OAuth token misuse. This blog unpacks the attack process, what went wrong, industry breach statistics, and practical steps organizations can take to strengthen SaaS and supply-chain security.

Security
Aug 29, 2025
ShadowCaptcha Attack Turns WordPress Sites into Malware Delivery Platforms
ShadowCaptcha is a new campaign exploiting vulnerable WordPress sites to spread ransomware, info-stealers, and crypto miners. By luring victims with fake CAPTCHA pages, it combines technical exploits with social engineering to bypass defenses and cause severe damage.

Security
Aug 27, 2025
Beyond Botnets: The Rise of GeoServer Exploits, PolarEdge, and Gayfemboy in Cybercrime
Cybercrime is shifting from noisy botnets to stealthy, profit-driven campaigns exploiting internet-facing services (e.g., GeoServer, Redis) and IoT devices. Advanced threats like PolarEdge’s ORB botnets and Gayfemboy malware focus on persistence, covert operations, and monetization (cryptojacking, DDoS). Organizations must adopt proactive patching, anomaly detection, segmentation, and stronger security awareness to stay resilient.

Security
Aug 8, 2025
Akira Ransomware Breaches SonicWall VPNs — Even on Fully Updated Systems
Akira ransomware is exploiting a likely zero-day in SonicWall SSL VPNs, breaching even fully patched systems and moving from access to encryption within hours. The attacks highlight that patching alone isn’t enough—organizations need layered defenses, MFA, active VPN monitoring, and network segmentation. Cybersecurity must be continuous, as attackers adapt and remote access systems remain prime targets.

Security
Aug 5, 2025
Scattered Spider Arrests Bring Relief, But Copycat Hackers Sustain the Pressure
The arrests of Scattered Spider members have slowed attacks, but copycats still exploit phishing, MFA bypass, and SIM swaps to target organizations. This pause offers security teams a chance to strengthen defenses through updated incident response, tighter access controls, hypervisor monitoring, and employee training. Lasting resilience requires layered defenses that blend technology, processes, people, and continuous threat intelligence.

Security
Jul 25, 2025
Microsoft Urges Immediate Action: Critical SharePoint RCE Patch Now Available
A critical RCE flaw in Microsoft SharePoint (CVE-2025-53770) is being actively exploited, with attackers chaining it to bypass MFA and gain persistent access. Given SharePoint’s deep integration with Microsoft 365, the risk of lateral compromise is severe. Organizations must patch immediately and adopt layered defenses including identity monitoring, EDR, and incident readiness to stay protected.

Security
Jul 22, 2025
Beyond Backup: Why Cyber Resilience Demands a Rethink in the Age of Ransomware
Is your business still relying on traditional backups to safeguard against ransomware? Our latest blog, “Beyond Backup: Why Cyber Resilience Demands a Rethink in the Age of Ransomware,” highlights why backups alone aren’t enough in today’s threat landscape. Modern ransomware doesn’t just target your data—it targets your ability to recover. From immutable backups and automated recovery testing to orchestrated recovery playbooks, building true cyber resilience requires a shift in strategy.

Security
Jul 19, 2025
XORIndex Malware Spread Widens as North Korean Hackers Exploit npm Registry
XORIndex Malware: North Korean Hackers Target npm Registry in Ongoing Supply Chain Attack. The open-source community faces a growing challenge: supply chain attacks are no longer rare events but persistent threats. Our latest blog unpacks how North Korean threat actors are exploiting the npm registry with a new malware loader, XORIndex, as part of their broader Contagious Interview campaign. This attack highlights how software dependencies—trusted by developers worldwide—can become backdoors for sophisticated adversaries. The evolving tactics underscore why securing the supply chain is no longer optional.
...