• Cyber Safety
  • Posts
  • New DNS Armor, Exposed APIs & SIEM Goes Big

New DNS Armor, Exposed APIs & SIEM Goes Big

June 05, 2025

In partnership with

Akamai Launches DNS Posture Management to Fortify Hybrid Infrastructures

A new agentless solution strengthens DNS visibility and remediation:

  • Live Monitoring: Track DNS configurations in real time across platforms.

  • Multi-Cloud Support: Compatible with Akamai Cloud, AWS, Azure, and GCP.

  • Built-in Cert Monitoring: Prevent lapses in security with automated certificate oversight.

  • Centralized Control: Swiftly resolve misconfigs to shut down vulnerabilities.

As DNS attacks grow, Akamai’s tool is built for agile defense in hybrid environments.

Creating compliance training can be a drag, even for the pros. PETE makes it easy by automating: course creation, policy updates, and real-time assessments

Fast, easy, and always audit-ready.

Pennsylvania Senate Advances Cybersecurity Legislation with TikTok Ban

Two bipartisan bills aim to harden digital defenses:

  • Statewide TikTok Ban: Prohibits TikTok on state devices amid federal and national security concerns.

  • Mandatory NIST Compliance: Requires cybersecurity standards in all state IT contracts.

  • Proactive Strategy: Senator Kristin Phillips-Hill leads effort to modernize state IT safeguards.

These moves set a precedent for stronger digital policy at the state level.

Google Uncovers Fake Salesforce App in Vishing-Fueled Data Theft Campaign

UNC6040 targets enterprise trust to breach corporate data:

  • Voice Phishing: Threat actors impersonate Salesforce to redirect victims to fake Data Loader downloads.

  • Global Reach: At least 20 organizations affected, with confirmed data breaches.

  • Social Engineering Risks: Proves technical defenses aren’t enough without human awareness.

Salesforce urges vigilance and verified downloads amid growing impersonation threats.

Shocking API Key Leaks Found in Popular Chrome Extensions

High-risk flaws in trusted tools threaten data security:

  • Plaintext Transmissions: Tools like SEMRush Rank and Browsec VPN expose machine IDs and browsing data.

  • Unsafe Password Managers: Unencrypted requests compromise trust and user credentials.

  • Embedded Secrets: Hardcoded API keys offer attackers easy access to private services.

Until fixes are in place, users are advised to uninstall these extensions immediately.

Plurilock Wins $1.3M in Cybersecurity Contracts, Expands Critical Services

Strategic client growth signals momentum in managed security:

  • New Deals: Pen testing, SIEM renewals, and SOC analyst services across key industries.

  • Strong Partnerships: Leverages alliances with CrowdStrike and Abnormal Security.

  • Sector Growth: 178% YoY increase in Critical Services revenue.

CEO Ian Paterson underscores the value of board-level cyber initiatives.