Blog
Our latest news.
Stay up-to-date with news and blog posts from ASMGi on how to bridge the gap to apply technology to solve business problems.
ASMGi Posts
IT Chaos Solved: Intune + Autopilot in Action
Fail SOC 2 Once – Pay Forever
Essential AI Strategies to Strengthen Third Party Risk Management
Cyber Insurance: Making the Most of Your Policy
Preventing Breaches: The Power of Security Awareness Training
Webinar: Resiliency in the Face of Ransomware
Zero Trust: A Paradigm Shift in Cybersecurity
Unveiling Deception: How to Spot Scams Before They Spot You
Ransomware: Strategies for Safeguarding Your Digital Assets
Unraveling the Power of AI in Cybersecurity: Safeguarding the Digital Realm
Fortifying Cybersecurity Defenses
Optimizing Healthcare Cybersecurity Cost and Staffing: Balancing Resources and Risk in Healthcare
Leading Cybersecurity Companies GS Lab | GAVS and ASMGi Announce Strategic Partnership to Enhance Global Cyber Defense
Understanding the Importance of Third-Party Risk Management in Healthcare
Embracing Smart Manufacturing: Unveiling IoT Trends, Challenges, and Cybersecurity in the Era of Industry 4.0
Cybersecurity Update – Terin D. Williams – DHS – CISA
Real Life Cyber Attacks - Dec 1 Event
The age of IoT and AI is quickly advancing, demanding more compute power and lower latency at the edge to ensure quick response and great performance.
xIoT Device Risk: Turning the Industry Inside-Out
Cyber Insurance: Digital Risk Mitigation Plan From Financial Loss
AI In Healthcare
Cybersecurity News from Around the Web
How Leading CISOs are Getting Budget Approval
It’s budget season. Once again, security is being questioned, scrutinized, or deprioritized. If you're a CISO or security leader, you've likely found yourself explaining why your program matters, why a given tool or headcount is essential, and how the next breach is...
20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack
Multiple npm packages have been compromised as part of a software supply chain attack after a maintainer's account was compromised in a phishing attack. The attack targeted Josh Junon (aka Qix), who received an email message that mimicked npm ("support@npmjs[.]help"),...
45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage
Threat hunters have discovered a set of previously unreported domains, some going back to May 2020, that are associated with China-linked threat actors Salt Typhoon and UNC4841. "The domains date back several years, with the oldest registration activity occurring in...
18 Popular Code Packages Hacked, Rigged to Steal Crypto
At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have...
Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week
An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account for billions of weekly downloads.
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account. Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft...
GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms
Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools like GitHub Desktop. While malvertising campaigns have become...
⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More
Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it’s knowing which risks matter most right now. That’s what this digest is...
You Didn’t Get Phished — You Onboarded the Attacker
When Attackers Get Hired: Today’s New Identity Crisis What if the star engineer you just hired isn’t actually an employee, but an attacker in disguise? This isn’t phishing; it’s infiltration by onboarding. Meet “Jordan from Colorado,” who has a strong resume,...
Go-to Resources for Secure Cloud Storage
The cloud is becoming the norm when it comes to data storage, but it's not without its challenges. The right policies and procedures can go a long way toward safely storing data in the cloud.