Monday 4/14
Citrix and Unicon: Control the endpoint, control the experience (Citrix)
When the acquisition was announced in January, we immediately saw the potential to create meaningful synergies. Citrix already leads in delivering virtual apps and desktops, zero trust access, and secure application delivery. By integrating Unicon’s secure endpoint OS and management capabilities, Citrix now offers end-to-end control across the entire technology stack.
https://www.citrix.com/blogs/2025/04/09/citrix-and-unicon-control-the-endpoint-control-the-experience/
March 2025: Malware Spotlight – FakeUpdates and RansomHub Ransomware Group Dominate Cyber Threats (Check Point)
The latest Global Threat Index for March 2025 shows the continued dominance of FakeUpdates, a downloader malware that remains the most prevalent cyber threat worldwide. This sustained threat comes as RansomHub ransomware campaigns gain traction, marking a growing concern in the ransomware space.
https://blog.checkpoint.com/security/march-2025-malware-spotlight-fakeupdates-and-ransomhub-ransomware-group-dominate-cyber-threats/
Tuesday 4/15
The Expanding Attack Surface: Why Collaboration Tools Are the New Front Line in Cyberattacks (Proofpoint)
Organizations today rely on messaging and collaboration tools to boost productivity and connect distributed teams. However, as quickly as businesses adopt these platforms, cybercriminals are finding new ways to exploit them.
https://www.proofpoint.com/us/blog/email-and-cloud-threats/collaboration-tools-new-front-line-cyberattacks
How ‘Zombie’ Accounts and Non-human Identities Threaten Perimeters (Pure Storage)
As the IT perimeter becomes less definable, non-human identities (NHIs) offer a promising attack vector for cybercriminals and have played a role in several recent high-profile breaches.
https://blog.purestorage.com/perspectives/how-zombie-accounts-and-non-human-identities-threaten-perimeters/
Wednesday 4/16
Silent Ransom Group “Call-back” Phishing Campaign (Arctic Wolf)
The group has been targeting the legal industry using “call-back” phishing tactics. The group sends emails impersonating services such as Duolingo or Masterclass, claiming a pending charge and urging recipients to call a phone number to resolve the issue. Arctic Wolf has also observed similar targeting across various other industries.
https://arcticwolf.com/resources/blog/silent-ransom-group-call-back-phishing-campaign/
Thursday 4/17
CIEM and Secure Cloud Access: Best Practices from Wiz and CyberArk (Wiz)
Every new service, application, and role adds more permissions, and without proper oversight, security gaps can emerge. While strong authentication methods like SSO and MFA help establish identity, they don’t address the challenge of what those identities can access.
https://www.wiz.io/blog/best-practices-from-wiz-and-cyberark
Essential Components of a Cloud Runtime Protection Strategy (CrowdStrike)
Securing today’s hybrid and multi-cloud environments requires more than one method of runtime protection. It demands the combined power of agent-based visibility and protection, along with the broad context and reach of agentless monitoring.
https://www.crowdstrike.com/en-us/blog/essential-components-of-cloud-runtime-protection/
Friday 4/18
New Frontier of GenAI Threats: A Comprehensive Guide to Prompt Attacks (Palo Alto Networks)
As LLMs and GenAI become deeply integrated into your critical operations and decision-making processes, adversaries can exploit subtle vulnerabilities to manipulate your model outputs to coerce unauthorized behaviors or compromise sensitive information. They do this through a method called prompt attacks – a relatively new but increasingly sophisticated technique used to manipulate AI models.
https://www.paloaltonetworks.com/blog/2025/04/new-frontier-of-genai-threats-a-comprehensive-guide-to-prompt-attacks/