-
Research that builds detections
Note: You can view the full content of the blog here. Introduction Detection engineering is becoming increasingly important in surfacing new malicious activity. Threat actors might take advantage of previously unknown malware families – but a successful detection of certain methodologies or artifacts can help expose the entire infection chain. In previous blog posts, we…
-
Hidden Weaknesses in Secure Elements and Enclaves
Secure elements (SE) on Android and secure enclaves on iOS have emerged as trusted hardware-backed solutions for storing and protecting sensitive information, such as cryptographic keys. They are often touted as tamper-resistant, isolated, and secure environments with the highest certifications (e.g., AVA_VAN.5 under Common Criteria). However, while the hardware is robust, the software layers above it introduce significant…
-
Zero-Day Vulnerability in Ivanti VPN
It’s being actively exploited. It’s being actively exploited. Go to Source
-
Seven Trends to Watch for in 2025
*No generative AI was used by the author Rapid Rate of Change Still Powering Technology Here we are a quarter of the way through the 21st century and the rate of change in technology shows no signs of slowing. And, while we are not quite the jet-setting hipsters that cartoons of the 1960’s predicted, we…
-
Tuta for Open Source Projects
We at Tuta love open source. Lots of open source projects are developed and maintained by open source enthusiasts like ourselves, and we want to give back and help open source teams to be more productive and more secure.
-
How DevOps and devops can be implemented together?
DevOps is a set of practices that unifies software development (Dev) and IT operations (Ops), aiming to shorten the system development lifecycle and deliver high-quality software continuously. Implementing DevOps effectively within an organization can lead to faster delivery, more reliable products, and more efficient collaboration between teams. This article will provide a detailed guide on…
-
Critical Vulnerability Uncovered: CVE-2025-0282 Puts Ivanti Systems at Risk
Ivanti has disclosed a critical vulnerability identified as CVE-2025-0282, affecting several of its products, including Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. With a CVSS Score of 9.0, this stack-based buffer overflow vulnerability allows remote, unauthenticated attackers to execute arbitrary code on the target device, posing significant security risks to affected systems.…
-
How Azure is using DevOps in Monitoring and Observability?
In today’s rapidly evolving digital landscape, Monitoring and Observability have become essential components of the DevOps lifecycle.Microsoft Azure seamlessly integrates DevOps practices to enhance these capabilities, ensuring applications and infrastructure are both reliable and efficient. Understanding Monitoring and Observability in DevOps Monitoring involves: Collecting data from applications and infrastructure. Tracking performance metrics. Setting up alerts…
-
Cyber Risk Management: It’s Not Just About Technology
For years, the default assumption in cybersecurity has been that managing risk is all about technology: firewalls, encryption, and the latest threat detection tools. The facts don’t lie: in 2024, global cybersecurity spending is projected to reach $223 billion (source: Statista), yet only a small fraction of this—less than $2 billion—is allocated to awareness training…
-
How Datadog is Using DevOps in Monitoringand Observability?
In today’s fast-paced world of software development and IT operations, organizations need to continuously improve their ability to deploy applications quickly, reliably, and at scale. This is where DevOps practices come into play, blending development and operations for more efficient workflows. One of the cornerstones of a successful DevOps implementation is monitoring and observability, as…