Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Privileged Access Management (PAM) works by controlling, monitoring and securing access to privileged accounts and resources through features such as credential vaulting, just-in-time access control, session management and automation. It enforces the principle of least privilege so that only authorized users and systems have access to sensitive data. Continue reading to learn more about how privileged access management works to protect your organization.

Buy Now, Pay Later services offer a more flexible method for online purchases. Consumers aren't required to make an immediate, full payment; they can instead split the sum into a schedule that works for them. These services work similarly to credit cards but do not incur interest fees over time. Most people have seen Klarna, Afterpay, or Affirm offered on Amazon or other e-commerce websites. They are the most popular BNPL providers, but the market is steadily growing.

Despite advancements in security, web applications are still a problem. Attackers target web applications because they’re exposed, complex, and not as well protected as they should be. According to Verizon1, web applications are the most prevalent attack vector, with exploitations of vulnerabilities increasing by 180% in 2024.

Amazon Web Services (AWS) provides two native options that can be used to back up AWS EC2 instances – AWS EBS Snapshots and Amazon Machine Images (AMIs). This blog post explains the differences between these two approaches to backup and explains when each method is optimal. NAKIVO for AWS EC2 Backup Backup of Amazon EC2 instances to EC2, AWS S3 and onsite. Anti-ransomware options. Fast recovery of instances and application objects. DISCOVER SOLUTION.

Bumblebee is a downloader malware which has become known for its sophistication and effectiveness. The malware was first discovered in 2022 and was believed to be a tool for ransomware groups due to the developer’s close ties with Conti. Since then, it has been used in various attacks and has been delivered through multiple methods, including phishing emails, malicious documents, and SEO poisoning.

Amazon Simple Email Service (Amazon SES) is a cloud-based provider for sending transactional, marketing, and newsletter emails. Because of its role as a source of communication for organizations, Amazon SES has become a primary tool for phishing campaigns. Our latest threat roundup includes a key finding that Amazon SES is a common target in the initial stages of a cloud control plane attack.

Arctic Wolf has recently observed the distribution of a trojanized RVTools installer via a malicious typosquatted domain. The domain matches the legitimate domain, however, the Top Level Domain (TLD) is changed from.com to.org. RVTools is a widely used VMware utility for inventory and configuration reporting, developed by Robware. Once the malicious installer was downloaded, the installer attempts to make outbound connections to known command and control infrastructure.

Fintech CTOs aren’t short on tools; they’re short on the right ones. Between fast-moving DevOps pipelines, open banking integrations, and cloud-native architectures, security often lags behind innovation, not due to negligence, but because traditional tooling fails to keep up. Modern fintech threats like API abuse, IAM misconfigurations, and privilege escalations don’t wait for quarterly audits. They exploit real-time gaps between development and security operations.

For many cybersecurity teams, Nessus is the scanner they started with; a reliable, battle-tested tool that’s been part of the security stack for over two decades. Backed by Tenable’s extensive vulnerability database, Nessus is known for its accuracy in identifying known CVEs and misconfigurations across networks and systems. But while environments have evolved from on-prem to multi-cloud, from VMs to containers, Nessus has primarily stayed the same.

Latin America has quickly become a hotspot for cyber activity. The region’s rapid digitalization, expanding cloud adoption, and evolving geopolitical friction have drawn the attention of both financially motivated eCrime actors and strategic nation-state adversaries. The CrowdStrike 2025 Latin America Threat Landscape Report provides key insights into cyber activity across Central and South America, Mexico, and the Caribbean.