Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As Anti-Virus and EDR solutions improve in detection and response capabilities, the job of a red teamer can become quite arduous. Malware payloads and techniques that once dominated networks have failed the test of time as EDR becomes aware of them. If your initial access payloads are detected immediately, your six-week long red team could be dead on arrival.

Government administration, defense, and finance sector organizations are the primary areas Advanced Persistent Threat (APT) groups are targeting, according to the most recent data from the Trustwave SpiderLabs’ Cyber Threat Intelligence (CTI) team. The team found most attacks are launched from China, Russia, and Iran, with the primary targets residing in the US, Ukraine, and, interestingly, Russia. The groups tracked include Lapsus$, ShinyHunters, and Silk Typhoon.

The worldwide ransomware landscape saw a dramatic shift in attacks in October 2025, jumping 41% month over month, with the most prolific attacker, Qlin, more than doubling the number of attacks it launched, according to Trustwave, A LevelBlue Company, research. The US remained the primary recipient of ransomware attacks, but October saw manufacturing overtake technology as the most targeted vertical sector.

LevelBlue was recognized as a Major Player in the IDC MarketScape: Worldwide Extended Detection and Response Software 2025 Vendor Assessment ( September 2025, IDC.) This recognition follows the analyst firm earlier this month naming Trustwave a Leader in the IDC MarketScape: APEJ Managed Detection and Response Services 2025 Vendor Assessment (doc, September 2025). LevelBlue acquired Trustwave in August 2025.

This piece is part of a monthly series by Carisa Brockman and Bindu Sundaresan exploring the evolving world of AI governance, trust, and responsibility. Each month, we look at how organizations can use artificial intelligence safely, thoughtfully, and with lasting impact.

It’s bad enough that organizations must worry about threat actors launching phishing attacks, injecting ransomware, or exploiting vulnerabilities; now, there is a new attack variant on the loose. Legal scammers. These are companies, which seem to be emerging particularly in Australia, are set up and registered as legal cybersecurity firms, but in the end just take a company’s money without delivering any services.

Cloud computing is now central to company operations, but it can also be an opportunity for hackers. As of late last year, 80% of organizations experienced more frequent cloud attacks. Strengthening security is essential. Clear, actionable cloud security tips help protect digital assets with minimal complexity. As companies migrate more services and data to cloud environments, risks grow and become harder to detect.

Today marks a strategic leap forward in LevelBlue’s mission to become the most complete cybersecurity partner on the market. I’m excited to announce that LevelBlue has entered into a definitive agreement to acquire Cybereason, a global leader in Extended Detection and Response (XDR), digital forensics and incident response (DFIR), and elite threat intelligence. Together we’ll deliver unified, proactive, and outcome-driven security solutions around the globe.

Organizations continue their digital transformation, with APIs now serving as the main communication links between applications, platforms, services, and partners. The widespread use of APIs introduces new security risks despite their common presence. The growing number of APIs significantly increases the cyber risks that security teams must address as they keep up with technological advances.

Picture your online shopping site overwhelmed with fake orders, your customer accounts being drained one after another, or your essential APIs flooded by an endless wave of automated attacks. This is the reality businesses face today—thanks to a fully automated army of cyber criminals determined to cause harm. In this digital bot invasion, businesses of all kinds are under urgent pressure to establish defenses that effectively fight this digital threat.