
What is the IAM Access Analyzer and 7 Tips For Using It

Permission creep rarely looks dangerous at first. It starts as a temporary fix, such as granting an admin role to unblock a deployment. Over time, those temporary decisions become permanent standing permissions. The result is an AWS estate littered with high-privilege roles that sit idle for months, expanding your attack surface without anyone actively noticing. It takes organizations an average of 277 days to identify and contain a breach.

Consolidation: The New Standard for MSP Efficiency

The real challenge for MSPs isn’t growth, it’s scaling effectively. As MSPs increase their client base and expand their service portfolios, managing multiple tools, consoles and vendors becomes progressively more complex, impacting operational efficiency and margins. In many cases, this isn’t the result of poor decision-making, but rather the evolution of the business.

Scorched Earth: Wiper Attacks are the New Face of Cyber War

Sure, they would vastly prefer targeting organizations in the opponent’s supply chain (which is why new requirements like CMMC are absolutely crucial), but every organization that is affiliated with or operates in the adversary’s territory becomes a target no matter how large or small.

The Scattered Spider Playbook: Why Airline Loyalty Accounts Are Prime Targets for ATO

Scattered Spider–style attacks increasingly target airline loyalty accounts, where stolen credentials can be used to hijack frequent flyer accounts and redeem miles for fraud. Investigations associated with the Scattered Spider ecosystem show how attackers manipulate impersonation campaigns, phishing infrastructure, and account recovery workflows to gain control of customer accounts. For airline security teams, the lesson is not limited to one threat group.

Why Soft Guardrails Get Us Hacked: The Case for Hard Boundaries in Agentic AI

One recurring theme in my research and writing on agentic AI security has been the distinction between soft guardrails and hard boundaries. As someone who serves on the Distinguished Review Board for the OWASP Agentic Top 10, and who spends every day thinking about how to secure agents across enterprise environments at Zenity, this distinction is not academic. It is potentially the single most important conceptual framework practitioners need to internalize right now.

Basic Authentication vs. Modern Authentication and How to Enable It in Office 365

According to a Verizon report, the majority of data breaches are made possible by compromised credentials, especially on email servers. Social engineering, credential phishing and brute force attacks are some of the methods used by malicious actors to steal credentials. To improve the security of Office logins and help prevent data breaches, Microsoft introduced the modern authentication method.

Proving Zero Trust in Practice: Continuous Validation for Segmentation and Lateral Movement Defense

SafeBreach Senior Product Marketing Manager Tova Dvorin explores the critical necessity of continuous validation in Zero Trust architectures, specifically focusing on the integration of SafeBreach and Akamai Guardicore. While microsegmentation is a foundational element in the defense against lateral movement and ransomware propagation, dynamic infrastructure and policy drift often create “blind spots” that compromise security posture.

Managed Detection and Response Solutions: Strengthening Security with LevelBlue MXDR

LevelBlue has developed a suite of managed detection and response solutions to help organizations maintain strong security as threat groups grow more sophisticated. LevelBlue’s Managed Extended Detection and Response (MXDR) with a Co-Managed Security Operations Center (SOC) combines MDR security technology with collaborative expertise to help organizations monitor, investigate, and respond to threats across their environments.

The Stryker Cyberattack: Why Endpoint and Mobile Device Monitoring Matter

Recent reports of a cyberattack targeting medical device manufacturer Stryker highlight a growing challenge for modern organizations: maintaining visibility across every device connected to their networks. The Michigan-based healthcare technology company reported a global network disruption affecting its Microsoft environment following a cyberattack.