Blog
Our latest news.
Stay up-to-date with news and blog posts from ASMGi on how to bridge the gap to apply technology to solve business problems.
ASMGi Posts
IT Chaos Solved: Intune + Autopilot in Action
Fail SOC 2 Once – Pay Forever
Essential AI Strategies to Strengthen Third Party Risk Management
Cyber Insurance: Making the Most of Your Policy
Preventing Breaches: The Power of Security Awareness Training
Webinar: Resiliency in the Face of Ransomware
Zero Trust: A Paradigm Shift in Cybersecurity
Unveiling Deception: How to Spot Scams Before They Spot You
Ransomware: Strategies for Safeguarding Your Digital Assets
Unraveling the Power of AI in Cybersecurity: Safeguarding the Digital Realm
Fortifying Cybersecurity Defenses
Optimizing Healthcare Cybersecurity Cost and Staffing: Balancing Resources and Risk in Healthcare
Leading Cybersecurity Companies GS Lab | GAVS and ASMGi Announce Strategic Partnership to Enhance Global Cyber Defense
Understanding the Importance of Third-Party Risk Management in Healthcare
Embracing Smart Manufacturing: Unveiling IoT Trends, Challenges, and Cybersecurity in the Era of Industry 4.0
Cybersecurity Update – Terin D. Williams – DHS – CISA
Real Life Cyber Attacks - Dec 1 Event
The age of IoT and AI is quickly advancing, demanding more compute power and lower latency at the edge to ensure quick response and great performance.
xIoT Device Risk: Turning the Industry Inside-Out
Cyber Insurance: Digital Risk Mitigation Plan From Financial Loss
AI In Healthcare
Cybersecurity News from Around the Web
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025. "Targets included a government ministry, an air traffic...
Whistleblower: DOGE Siphoned NLRB Case Data
A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk‘s Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured...
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access. The activity has...
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks
A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, enabling cybercriminals to conduct fraudulent cashouts. The active campaign is targeting customers of banking institutions and card...
5 Reasons Device Management Isn’t Device Trust
The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture. The solution is more...
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that’s exactly what we saw in last week’s activity. Hackers are getting better at hiding inside everyday actions: opening a file, running a project, or logging in like normal. No...
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
Cybersecurity researchers have disclosed a surge in "mass scanning, credential brute-forcing, and exploitation attempts" originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity, detected since January...
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting diplomatic entities across Europe with a new variant of WINELOADER and a previously unreported malware loader codenamed GRAPELOADER. "While the...
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below - node-telegram-utils (132...
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices. The vulnerability, tracked as CVE-2025-2492, has a CVSS score of 9.2 out of a...