Security news, company rankings, expert guides, and compliance resources for professionals.
On February 20, 2024, a 10-country task force seized LockBit's infrastructure, identified 194 affiliates, and froze $112 million in cryptocurrency in the most significant ransomware takedown in history.
The Clop ransomware group weaponized CVE-2025-61882 and CVE-2025-61884 to breach nearly 100 organizations including Allianz UK, GlobalLogic, Envoy Air, Harvard, and Washington Post, with ransom demands reaching $50 million.
South Korean e-commerce giant Coupang confirmed an additional 165,000 user accounts were exposed in the massive data breach affecting 33.7 million total accounts, triggered by a former employee using valid authentication keys.
A misconfigured Supabase database at Moltbook, the 'social network for AI agents,' exposed 1.5 million API tokens, 35,000 email addresses, and private messages—revealing the platform was mostly humans operating bot fleets.
A Black Basta ransomware attack on Ascension Health, one of the largest US Catholic healthcare systems, forced hospitals to divert emergency patients, delay surgeries, and revert to paper records, affecting 5.6 million patients.
A LockBit ransomware attack on Evolve Bank & Trust, a banking-as-a-service provider for major fintechs, exposed data of 7.6 million individuals and rippled through partners including Affirm, Mercury, Wise, and others.
Ranking the leading database security solutions based on activity monitoring, encryption, access controls, cloud database coverage, and compliance automation.
Ranking the leading enterprise password management solutions based on security architecture, SSO integration, admin controls, compliance certifications, and enterprise scalability.
Ranking the leading mobile threat defense solutions based on on-device detection, phishing protection, app vetting, network security, and enterprise integration capabilities.
A practical guide to implementing enterprise cryptography and key management, covering algorithm selection, HSMs, PKI, secrets management, and post-quantum cryptography transition.
A practical guide to implementing DNS security, covering protective DNS, DNSSEC, encrypted DNS protocols, threat detection, and enterprise architecture patterns.
A practical guide to implementing mobile security and BYOD programs, covering MDM deployment, containerization, app vetting, conditional access, and compliance requirements for iOS and Android.
Leading managed detection and response (MDR) provider delivering security operations as a concierge service, with the 2025 acquisition of Cylance expanding endpoint AI capabilities.
Networking and cybersecurity giant that acquired Splunk for $28 billion, combining enterprise networking, SIEM, XDR, and threat intelligence into a unified security platform.
The leading privileged access management and identity security company, subject to a pending $25 billion acquisition by Palo Alto Networks.
The Essential Eight is a set of baseline cybersecurity mitigation strategies from the Australian Cyber Security Centre (ACSC) designed to protect organizations against cyber threats. Updated July 2024 with refined maturity levels.
The Gramm-Leach-Bliley Act requires financial institutions to protect customer information through the Privacy Rule, Safeguards Rule, and Pretexting provisions. Major Safeguards Rule updates effective 2023-2024 mandate enhanced cybersecurity controls.
Sarbanes-Oxley Section 404 requires publicly traded companies to establish, document, and test internal controls over financial reporting, including IT General Controls and application controls supporting financial systems.