https://trescudo.inblog.io Explore the latest in cybersecurity with the Trescudo blog. Our experts provide in-depth analysis on threat intelligence, risk management, and compliance challenges in cloud, OT, and endpoint security. Additionally, you can find various guides, briefs and reports under the Resources menu item of our main website - https://trescudo.com Tue, 15 Jul 2025 08:51:27 GMT inblog Wed, 26 Nov 2025 14:08:41 GMT https://image.inblog.dev?url=https%3A%2F%2Fsource.inblog.dev%2Fog_image%2F2025-07-15T10%3A35%3A34.144Z-6dc956ae-7ea6-40fa-8e52-8154dcf07543&w=1920&q=85 https://trescudo.inblog.io https://trescudo.inblog.io/fluent-bit-cloud-vulnerabilities-espionage-surge Critical Fluent Bit flaws expose cloud infrastructure. Plus, Russian espionage accelerates with COLDRIVER and npm supply chain attacks. Wed, 26 Nov 2025 14:32:16 GMT https://trescudo.inblog.io/fluent-bit-cloud-vulnerabilities-espionage-surge Threat Analysis Evangeline https://trescudo.inblog.io/oracle-ebs-zero-day-virtualization-ransomware-analysis Oracle EBS zero-days are fueling a massive extortion campaign. Plus, ransomware groups Akira and Helldown pivot to virtualization. Sat, 22 Nov 2025 14:05:02 GMT https://trescudo.inblog.io/oracle-ebs-zero-day-virtualization-ransomware-analysis Threat Analysis Evangeline https://trescudo.inblog.io/kindness-trust-zero-trust-human-centered-security-eu-nis2 Human-centered security for EU/NIS2: how kindness, psychological safety, and zero-trust cut MTTR, boost phishing reporting, and strengthen breach communications. Wed, 12 Nov 2025 11:16:21 GMT https://trescudo.inblog.io/kindness-trust-zero-trust-human-centered-security-eu-nis2 Cybersecurity Strategy Evangeline https://trescudo.inblog.io/weekly-cyber-brief-rhysida-malvertising-kev-ey-nikkei Rhysida fake Teams ads (OysterLoader/Latrodectus), new CISA KEV vulns, EY & Nikkei breaches—actionable takeaways for EU/NIS2 teams. Tue, 11 Nov 2025 10:30:18 GMT https://trescudo.inblog.io/weekly-cyber-brief-rhysida-malvertising-kev-ey-nikkei Threat Analysis Evangeline https://trescudo.inblog.io/stem-to-secops-evidence-driven-security-eu-healthcare-nis2 Evidence-driven SecOps for EU healthcare: STEM mindset, NIS2 reporting, and 7 metrics (MTTR, restore success, KEV MTTR, supplier SLAs) that protect patients. Tue, 04 Nov 2025 10:26:58 GMT https://trescudo.inblog.io/stem-to-secops-evidence-driven-security-eu-healthcare-nis2 Compliance & Risk Evangeline https://trescudo.inblog.io/agentic-ai-unified-security-operations Agentic AI turns fragmented SOC tools into a unified defence mesh—cutting MTTR, automating playbooks, and producing NIS2/DORA-ready evidence. Thu, 30 Oct 2025 10:24:33 GMT https://trescudo.inblog.io/agentic-ai-unified-security-operations Products & Solutions Evangeline https://trescudo.inblog.io/ai-cybersecurity-arms-race The cybersecurity AI arms race is here. Nation-states and cybercriminals are using AI to supercharge attacks on critical infrastructure. Learn how to fight back with an automated, AI-powered defence. Tue, 28 Oct 2025 16:42:09 GMT https://trescudo.inblog.io/ai-cybersecurity-arms-race Products & Solutions Evangeline https://trescudo.inblog.io/aws-outage-root-cause-costs-resilience-for-cisos Breakdown of the AWS US-EAST-1 DNS incident—timeline, cost modelling, concentration risk, DORA reporting timelines, and a 7-day engineering plan. Mon, 27 Oct 2025 15:06:40 GMT https://trescudo.inblog.io/aws-outage-root-cause-costs-resilience-for-cisos Threat Analysis Evangeline https://trescudo.inblog.io/how-to-report-nis2-to-your-board Tired of complex NIS2 compliance reports? Learn the 4 essential, board-ready metrics that translate technical risk (Art. 21/23) into business resilience, covering IR, recovery, and supply chain. Tue, 21 Oct 2025 10:05:18 GMT https://trescudo.inblog.io/how-to-report-nis2-to-your-board Compliance & Risk Evangeline https://trescudo.inblog.io/critical-patches-breaches-oracle-ebs-goanywhere-salesforce Weekly threat analysis (Oct 7–14, 2025): Oracle EBS zero-days, Salesforce leaks, SimonMed breach, GoAnywhere CVE-2025-10035—priority actions for EU/UK teams. Wed, 15 Oct 2025 09:25:46 GMT https://trescudo.inblog.io/critical-patches-breaches-oracle-ebs-goanywhere-salesforce Threat Analysis Evangeline https://trescudo.inblog.io/securing-legacy-systems-patchless-protection Legacy systems are everywhere—and risky. See how patchless protection blocks exploits when you can’t patch—WannaCry lessons, NIS2 obligations, and a modern IR plan. Mon, 13 Oct 2025 15:32:01 GMT https://trescudo.inblog.io/securing-legacy-systems-patchless-protection Products & Solutions Evangeline https://trescudo.inblog.io/swedish-catastrophe-supply-chain-breach The Swedish Catastrophe: A single vendor breach exposed the data of 1.5 million people (15% of Sweden). Learn the urgent lessons on third-party risk and national security. Wed, 08 Oct 2025 13:54:47 GMT https://trescudo.inblog.io/swedish-catastrophe-supply-chain-breach Threat AnalysisBreach Analyses Evangeline https://trescudo.inblog.io/who-had-access-privileged-access-management After a breach, regulators will ask, "Who had access?" Learn how Privileged Access Management (PAM) provides the definitive answer and protects your business from massive fines. Tue, 07 Oct 2025 15:23:57 GMT https://trescudo.inblog.io/who-had-access-privileged-access-management Products & Solutions Evangeline https://trescudo.inblog.io/cyber-weekly-harrods-breach Past-week roundup—Cisco ASA zero-days, Harrods data leak, airport disruption updates, ENISA trends, Google Drive ransomware detection. Wed, 01 Oct 2025 09:48:54 GMT https://trescudo.inblog.io/cyber-weekly-harrods-breach Threat Analysis Evangeline https://trescudo.inblog.io/cyber-skills-gap-iam Struggling with the cybersecurity skills gap in Europe? Discover why it's an identity problem at its core and how AI-powered JIT access helps secure critical infrastructure (NIS2/GDPR) without needing to hire more staff. Tue, 30 Sep 2025 10:30:39 GMT https://trescudo.inblog.io/cyber-skills-gap-iam Products & Solutions Evangeline https://trescudo.inblog.io/weekly-threat-analysis-mfa-bombing A critical Confluence zero-day and AI voice clone attacks (MFA Bombing) are this week's top threats. Our analysis breaks down these incidents and what they mean for your security posture Wed, 24 Sep 2025 09:35:31 GMT https://trescudo.inblog.io/weekly-threat-analysis-mfa-bombing Threat Analysis Evangeline https://trescudo.inblog.io/airport-cyber-attacks-incident-response-europe How airports can strengthen incident response after major cyberattacks—from Bristol FIDS ransomware to Brussels/Heathrow’s 2025 supply-chain outage. Mon, 22 Sep 2025 09:58:16 GMT https://trescudo.inblog.io/airport-cyber-attacks-incident-response-europe Breach Analyses Evangeline https://trescudo.inblog.io/voice-assistant-enterprise-attack-vector Voice assistants like Siri & Alexa are a new enterprise attack vector. Our analysis covers the "Dolphin Attack," malicious skills, and a CISO playbook for this emerging threat. Fri, 19 Sep 2025 12:31:43 GMT https://trescudo.inblog.io/voice-assistant-enterprise-attack-vector Cybersecurity Strategy Evangeline https://trescudo.inblog.io/weekly-threat-analysis-threat-detection-2025-09-16 JLR production halt, critical VMware vCenter flaws, and a surge in QR-code phishing. See what your threat detection must catch—and what to fix in 48 hours. Tue, 16 Sep 2025 12:35:41 GMT https://trescudo.inblog.io/weekly-threat-analysis-threat-detection-2025-09-16 Threat Analysis Evangeline https://trescudo.inblog.io/fema-cybersecurity-failure-case-study A deep-dive into the FEMA cybersecurity scandal. Discover the 'four embarrassing failures' that led to a mass firing and the urgent lessons for government agencies worldwide. Mon, 15 Sep 2025 10:10:07 GMT https://trescudo.inblog.io/fema-cybersecurity-failure-case-study Breach Analyses Evangeline https://trescudo.inblog.io/cybersecurity-governance-jlr-breach Analysis of the Jaguar Land Rover breach, a stark lesson in cybersecurity governance. See how the attack shut down assembly lines, costing millions daily, and the implications for NIS2. Thu, 11 Sep 2025 10:36:01 GMT https://trescudo.inblog.io/cybersecurity-governance-jlr-breach Breach Analyses Evangeline https://trescudo.inblog.io/threat-analysis-salesloft-supply-chain-breach Trescudo's analysis of the Salesloft supply chain breach & Sitecore zero-day. Learn the lessons from this week's top cyber threats for Benelux businesses under NIS2. Wed, 10 Sep 2025 09:24:26 GMT https://trescudo.inblog.io/threat-analysis-salesloft-supply-chain-breach Threat Analysis Evangeline https://trescudo.inblog.io/whopper-vulnerability-analysis Analysis of the Burger King hack. Discover how a Broken Object Level Authorisation (BOLA) flaw in their API exposed customer data and what it teaches us about app security. Mon, 08 Sep 2025 16:31:35 GMT https://trescudo.inblog.io/whopper-vulnerability-analysis Breach Analyses Evangeline https://trescudo.inblog.io/nist-csf-ai-security-blueprint NIST's new concept paper outlines a framework for AI security using the NIST CSF. Discover the new AI attack surface and the gold standard for securing your innovative assets. Mon, 08 Sep 2025 09:11:33 GMT https://trescudo.inblog.io/nist-csf-ai-security-blueprint Products & Solutions Evangeline https://trescudo.inblog.io/netherlands-cervical-screening-breach Deep-dive analysis of the Dutch cervical cancer screening breach. Trescudo covers the third-party risk, Nova RaaS tactics, and the lessons for Benelux businesses. Tue, 02 Sep 2025 15:30:41 GMT https://trescudo.inblog.io/netherlands-cervical-screening-breach Breach Analyses Evangeline https://trescudo.inblog.io/threat-detection-2025-09-01 This week: Nevada ransomware, TransUnion 4.4M breach, Citrix NetScaler zero-day, and WhatsApp zero-click—plus a 48-hour threat detection plan. Mon, 01 Sep 2025 15:18:03 GMT https://trescudo.inblog.io/threat-detection-2025-09-01 Threat Analysis Evangeline https://trescudo.inblog.io/threat-analysis-weekly-2025-08-26 Weekly threat analysis: Orange Belgium breach, OAuth/Salesforce campaign, Cisco FMC CVE-2025-20265, Apple zero-day—plus a 48-hour CISO playbook and hunt tips. Tue, 26 Aug 2025 15:07:19 GMT https://trescudo.inblog.io/threat-analysis-weekly-2025-08-26 Threat Analysis Evangeline https://trescudo.inblog.io/threat-analysis-triple-threat-Benelux Benelux threat detection briefing: Orange Belgium breach, Russian “Static Tundra” Cisco exploits, and an Apple zero‑day—actions boards can take in 48 hours. Fri, 22 Aug 2025 09:09:22 GMT https://trescudo.inblog.io/threat-analysis-triple-threat-Benelux Threat Analysis Evangeline https://trescudo.inblog.io/history-of-cybersecurity From a college prank that shut down the internet to AI-powered defences, discover the fascinating history of cybersecurity and what it means for your business today. Thu, 21 Aug 2025 10:34:46 GMT https://trescudo.inblog.io/history-of-cybersecurity Evangeline https://trescudo.inblog.io/dutch-cervical-cancer-data-breach-analysis Nearly 485,000 women affected in a Dutch cervical screening data breach tied to a lab supplier. What was exposed, timeline, GDPR/NIS2 angle, and next steps. Mon, 11 Aug 2025 20:15:58 GMT https://trescudo.inblog.io/dutch-cervical-cancer-data-breach-analysis Breach Analyses Evangeline https://trescudo.inblog.io/winrar-zero-day-romcom-threat-analysis RomCom (Storm-0978) weaponised a WinRAR zero-day to plant backdoors. See TTPs, NIS2 exposure, and a patch-first detection plan tailored for Benelux teams. Mon, 11 Aug 2025 09:29:23 GMT https://trescudo.inblog.io/winrar-zero-day-romcom-threat-analysis Threat Analysis Evangeline https://trescudo.inblog.io/air-france-klm-data-breach Learn how the Air France KLM data breach exposed loyalty data via a third-party SaaS, the GDPR/NIS2 penalties, and 7 steps Benelux CISOs must take now. Thu, 07 Aug 2025 22:40:05 GMT https://trescudo.inblog.io/air-france-klm-data-breach Breach Analyses Evangeline https://trescudo.inblog.io/nis2-vs-nist-csf-it-security-benelux Compare NIS2 and NIST CSF for IT Security Benelux leaders. See overlap, gaps, fines, and a 5-step decision guide for sustainable cyber-resilience. Wed, 06 Aug 2025 13:08:34 GMT https://trescudo.inblog.io/nis2-vs-nist-csf-it-security-benelux Compliance & Risk Evangeline https://trescudo.inblog.io/plague-pam-backdoor The new Plague PAM backdoor evaded AV for a year. Learn its TTPs, IOC list and a threat-detection blueprint to secure your Linux servers in 2025. Mon, 04 Aug 2025 15:34:47 GMT https://trescudo.inblog.io/plague-pam-backdoor Breach Analyses Evangeline https://trescudo.inblog.io/salt-typhoon-orange-2025 French telecom Orange S.A. suffered a Salt Typhoon APT attack on 25 July 2025. Learn the TTPs, business impact, NIS2/DORA exposure and concrete defence steps. Wed, 30 Jul 2025 10:10:22 GMT https://trescudo.inblog.io/salt-typhoon-orange-2025 Breach Analyses Evangeline https://trescudo.inblog.io/human-perimeter Clorox lost $380 M when hackers duped a help‑desk agent. Discover how human error, not malware, drives breaches—and how to fortify your human perimeter. Tue, 29 Jul 2025 12:42:47 GMT https://trescudo.inblog.io/human-perimeter Breach Analyses Evangeline https://trescudo.inblog.io/sharepoint-vulnerability-patching A critical SharePoint vulnerability (CVE-2025-53770) is here. Learn why a "patch-and-pray" strategy is not enough and how to build true cyber resilience. Tue, 22 Jul 2025 14:49:35 GMT https://trescudo.inblog.io/sharepoint-vulnerability-patching Breach Analyses Evangeline https://trescudo.inblog.io/data-security-ai-personas What if the person you're talking to isn't real? Discover how AI personas create new insider threats and why Data Security with DLP and XDR is your best defence. Sat, 19 Jul 2025 10:05:29 GMT https://trescudo.inblog.io/data-security-ai-personas Cybersecurity Strategy Evangeline https://trescudo.inblog.io/digital-honey-trap-romance-scam A romance scam can turn a trusted employee into an insider threat. Learn how the 'Digital Honey Trap' works and how DLP, XDR, and Zero Trust can protect your data. Wed, 16 Jul 2025 07:00:00 GMT https://trescudo.inblog.io/digital-honey-trap-romance-scam Products & Solutions Evangeline https://trescudo.inblog.io/zero-trust-security-architecture Learn how zero‑trust security architecture, micro‑segmentation and identity‑centric security stop lateral movement, meet DORA/NIS2, and cut breach costs by 40 %. Tue, 15 Jul 2025 14:16:06 GMT https://trescudo.inblog.io/zero-trust-security-architecture Cybersecurity Strategy Evangeline https://trescudo.inblog.io/mastering-risk-management-strategies-cyber-resilience In uncertain times, mastering cyber risk is key. This guide offers four essential strategies for resilience, from understanding your attack surface to incident response. Tue, 15 Jul 2025 10:29:41 GMT https://trescudo.inblog.io/mastering-risk-management-strategies-cyber-resilience Compliance & Risk Evangeline