This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On July 11, 2025

Tuesday 7/1

10 Questions to Evaluate Cloud Email Security Solutions (Abnormal AI)

Today’s threats to cloud email use AI to impersonate trusted contacts, mimic real workflows, and blend seamlessly into day-to-day communication. To stop these attacks, security teams require solutions that use AI the way attackers do—strategically, contextually, and at scale.

https://abnormal.ai/blog/10-questions-to-evaluate-cloud-email-security

The Enterprise’s New Cloud: Where Data Went Wrong and How Storage Can Fix It (Pure Storage)

As enterprises race to deploy AI, success and failure is no longer just about software innovation—it’s about data. How that data is managed and utilized is now a strategic differentiator or risk. And the enterprise storage status quo is out of step.

https://blog.purestorage.com/perspectives/data-cloud-enterprise-storage-future/

Wednesday 7/2

ICYMI: On June 19, 2025, Gotham's CTO, Ken Phelan, was joined by Secure Network Technologies's President, Steve Stasiukonis, to discuss the impact artificial intelligence is having on cybercrime.

Click the link below for the full video:

https://www.youtube.com/watch?v=ltfeUcZYFA0

How To Detect and Stop a Ransomware Attack (Arctic Wolf)

With the rate of ransomware attacks continuing to grow, and new innovations making the cyber threat landscape more dangerous than ever, how can organizations stay safe? The answer lies in better threat detection and response capabilities that help you properly detect and stop a ransomware attack.

https://arcticwolf.com/resources/blog/responding-to-ransomware-time-is-of-the-essence

Thursday 7/3

Exposed JDWP Exploited in the Wild: What Happens When Debug Ports Are Left Open (Wiz)

After deploying a machine with an exposed JDWP server, our sensors detected exploitation attempts within just a few hours, across multiple instances. This demonstrates that JDWP is a highly targeted service. To support this, we used GreyNoise’s tag-based search feature and found over 6,000 unique IP addresses scanning for JDWP endpoints in the past 90 days.

https://www.wiz.io/blog/exposed-jdwp-exploited-in-the-wild

Top Intune challenges for large organizations and how to actually fix them (Nerdio)

Managing thousands of devices across departments, business units, regions, and compliance frameworks isn’t just about setting policies and walking away. It’s about doing it consistently, securely, and without burning your team out on manual tasks.

https://getnerdio.com/blog/top-intune-challenges-for-large-organizations-and-how-to-actually-fix-them/

Monday 7/7

Minimizing False Positives: Enhancing Security Efficiency (Snyk)

Recent research from May 2025 shows that 70% of a security team's time is spent investigating alerts that are false positives, wasting massive amounts of time in the investigation rather than working on proactive security measures to improve organizational security posture. This problem is compounded by the fact that 33% of companies have been late in responding to actual cyberattacks because their teams were busy with these phantom threats.

https://snyk.io/blog/minimizing-false-positives-enhancing-security-efficiency/

Why Diverse Cloud Environments Require Flexible Security (Palo Alto Networks)

By using a unified security solution that integrates seamlessly across clouds, organizations can reduce complexity, streamline compliance efforts, and minimize gaps in threat detection and mitigation.

https://www.paloaltonetworks.com/blog/2025/07/why-diverse-cloud-environments-require-flexible-security/

Tuesday 7/8

CIS Safeguard 4.8: Uninstall Unnecessary Services on Assets and Software

https://www.gothamtg.com/blog/cis-safeguard-48-uninstall-unnecessary-services-on-assets-and-software

How HTML and JavaScript Fuel Modern Phishing: 3 Real-World Examples (Abnormal AI)

Modern attackers combine social engineering with advanced obfuscation and legitimate infrastructure, creating multi-layered deceptions that build trust with users while exploiting the smallest gaps in organizational defenses.

https://abnormal.ai/blog/html-javascript-phishing-examples

Disrupting the Ransomware Attack Chain with Hybrid Mesh Security (Part 1) (Check Point)

Attackers are spending more time inside networks before executing payloads, with dwell times extending up to 9 days in some cases. This extended presence allows threat actors to conduct reconnaissance, disable backups, and identify high-value targets—maximizing damage and pressure during encryption extortion and data exfiltration.

https://blog.checkpoint.com/securing-the-network/disrupting-the-ransomware-attack-chain-with-hybrid-mesh-security-part-1/

Wednesday 7/9

Cloud Security Must Be a Pillar of Your Exposure Management Strategy (Seemplicity)

One of the biggest challenges in cloud security is context. It’s not just about finding an open S3 bucket or a misconfigured IAM role. It’s about understanding what that exposure actually means.

https://seemplicity.io/blog/cloud-security-pillar-exposure-management-strategy-orca-security/

The real problem with identity security? Bad data. (Axonius)

Attackers aren’t brute-forcing their way into systems; they’re logging in using real credentials. Whether stolen, bought, or left behind by poor offboarding, these credentials grant access to sensitive systems without triggering alarms.

https://www.axonius.com/blog/identity-security-bad-data

Thursday 7/10

Not All Alarms Are Incidents: Why Context Matters in Cybersecurity (Adlumin)

In today’s environment, not every alarming screenshot is a sign of compromise. But every incident is a chance to learn, reduce exposure, and strengthen your defenses. When fear enters the equation, your SOC should be your anchor—ready to investigate, explain, and guide you through the noise.

https://adlumin.com/post/not-all-alarms-are-incidents-why-context-matters-in-cybersecurity/

Understanding Multi-Factor Authentication (Arctic Wolf)

As organizations increasingly rely on credential-based applications, in part due to the rise of the cloud, SaaS applications, and hybrid work models, protecting those points of access becomes a critical component of any cybersecurity strategy.

https://arcticwolf.com/resources/blog/understanding-multi-factor-authentication/

Friday 7/11

Why AppSec and CloudSec Belong Together in the Age of AI (Wiz)

AI accelerates development—and risk shouldn't be a blocker to innovation. Bridging AppSec and CloudSec with shared context and workflows is key to keeping up.

https://www.wiz.io/blog/unite-appsec-and-cloudsec

Four Pillars of a Modern Cloud Cyber Resilience Strategy (Rubrik)

Given the ongoing cyberattacks aimed at compromising data in the cloud, organizations cannot afford to wait until after their data is compromised. They need to evolve their cybersecurity approach and investments by adopting a cyber resilience strategy now.

https://www.rubrik.com/blog/technology/25/7/4-pillars-of-a-modern-cloud-cyber-resilience-strategy