Monday 3/10
ICYMI: On March 6, 2025, Gotham's CTO, Ken Phelan, was joined by LogSeam's CEO and Co-founder, Daniel Wiley, to discuss cost effective strategies for managing cyber and compliance data.
Click the link below for the full video.
https://youtu.be/dKopbMqIkrE
Key Takeaways from the 2025 State of AI in the Cloud Report (Wiz)
AI is revolutionary technology, but its widespread adoption raises necessary questions about governance, security, and risk. The DeepSeek data exposure incident underscores the urgency of strengthening AI security, starting with visibility into AI deployments to manage risks like Shadow AI, and establishing controls to prevent data exposure and unauthorized use.
https://www.wiz.io/blog/state-of-cloud-ai-report-takeaways
Tuesday 3/11
Workforce Passwordless Authentication: Beyond the Hype and Here to Stay (CyberArk)
Passwords are the ultimate prize for attackers. So, how do you stop one of the most exploited attack vectors? Change the paradigm—fewer passwords. No passwords, no prize.
https://www.cyberark.com/resources/blog/workforce-passwordless-authentication-beyond-the-hype-and-here-to-stay
The Rise of Advanced Attacks — What Business Leaders Need to Know (Palo Alto Networks)
Cyberthreats are evolving at an alarming rate, thanks to cybercriminals’ use of advanced technologies, like AI, to develop more sophisticated attacks that no one has ever seen before. Today, we’re seeing attackers leveraging automation, artificial intelligence and adaptive malware to exfiltrate data in ways that bypass standard detection mechanisms.
https://www.paloaltonetworks.com/blog/2025/03/rise-advanced-attacks-what-business-leaders-need-to-know/
Thursday 3/13
February 2025’s Malware Spotlight: AsyncRAT Emerges, Targeting Trusted Platforms (Check Point)
Check Point’s latest threat index highlights a new campaign involving the malware, AsyncRAT, a remote access trojan targeting Windows systems since 2019. The fourth most prevalent malware of the month, AsyncRAT, enables data theft, command execution, and system compromise.
https://blog.checkpoint.com/security/february-2025s-malware-spotlight-asyncrat-emerges-targeting-trusted-platforms/
Friday 3/14
Healthcare Sector Targeted by Fake CAPTCHA Attack on HEP2go to Deliver Infostealer Malware (Arctic Wolf)
Arctic Wolf has recently observed a campaign targeting the healthcare sector, where victims visiting the widely used physical therapy video site HEP2go are redirected to a fake CAPTCHA webpage when they attempt to visit multiple parts of the website.
https://arcticwolf.com/resources/blog/healthcare-sector-targeted-by-fake-captcha-attack-on-hep2go-to-deliver-infostealer-malware/
Remote Monitoring and Management (RMM) Tooling Increasingly an Attacker’s First Choice (Proofpoint)
The use of RMMs in malicious activity is common, and threat actors can abuse these tools in many ways including leveraging existing remote administration tools within an environment or installing new RMM software on a compromised host for persistence and lateral movement.
https://www.proofpoint.com/us/blog/threat-insight/remote-monitoring-and-management-rmm-tooling-increasingly-attackers-first-choice