Daily Digest

Palo Alto Networks Patches Critical Firewall Flaw; Microsoft Dismantles RedVDS Cybercrime Service

Palo Alto Networks Patches Critical Firewall Flaw; Microsoft Dismantles RedVDS Cybercrime Service

January 17, 2026
11 articles (11 new)
33 min read

Summary

In the last 24 hours, the cybersecurity landscape has been marked by significant defensive actions and disclosures. Palo Alto Networks released urgent patches for a high-severity denial-of-service vulnerability (CVE-2026-0227) affecting its firewalls, allowing attackers to remotely disable network protection. In a major blow to cybercrime infrastructure, Microsoft and global law enforcement agencies successfully dismantled the RedVDS 'Cybercrime-as-a-Service' platform, which was responsible for over $40 million in fraud. Concurrently, the NSA published new foundational guidelines for Zero Trust adoption, aiming to bolster national cybersecurity posture. Other key developments include strategic product launches and acquisitions from Infoblox, SpyCloud, and Acronis, all focused on enhancing threat visibility and response capabilities.

Filter by Category

New Articles (11)

RedVDS Takedown: Microsoft and Law Enforcement Disrupt $40M Cybercrime-as-a-Service Operation

HIGH

Microsoft and Global Law Enforcement Dismantle RedVDS Cybercrime-as-a-Service Platform

In a major international operation, Microsoft's Digital Crimes Unit, alongside law enforcement from the U.S., U.K., and Germany, has disrupted the RedVDS cybercrime-as-a-service (CaaS) platform. The service, operated by a group tracked as Storm-2470, provided criminals with cheap, disposable RDP servers used to launch large-scale phishing, BEC, and fraud campaigns. The operation, which took down key domains like redvds[.]com, has been linked to over $40 million in fraud losses in the U.S. and impacted more than 191,000 organizations globally.

January 17, 2026
5 min read
RedVDSMicrosoftCybercrime-as-a-ServiceCaaSTakedown +3 more
RedVDS Takedown: Microsoft and Law Enforcement Disrupt $40M Cybercrime-as-a-Service Operation
Cyberattack
Threat Actor
Phishing

NSA Kickstarts Zero Trust Adoption with New Foundational Implementation Guides

INFORMATIONAL

NSA Publishes 'Primer' and 'Discovery Phase' Guides for Zero Trust Adoption

The U.S. National Security Agency (NSA) has released the first two documents in its new Zero Trust Implementation Guidelines (ZIGs) series. The 'Primer' and 'Discovery Phase' guides are designed to provide federal agencies and other organizations with a foundational roadmap for adopting a Zero Trust security architecture. This initiative aligns with the Department of War's mandate for agencies to achieve specific Zero Trust targets and emphasizes the critical first step of gaining comprehensive visibility across all data, applications, assets, and services (DAAS).

January 17, 2026
4 min read
NSAZero TrustPolicyComplianceRegulatory +2 more
NSA Kickstarts Zero Trust Adoption with New Foundational Implementation Guides
Policy and Compliance
Regulatory
Security Operations

Infoblox to Acquire Axur, Expanding into AI-Powered External Threat Disruption

INFORMATIONAL

Infoblox Announces Plan to Acquire AI-Powered Security Firm Axur to Counter External Threats

Infoblox, a leader in DNS security and network services, has announced a definitive agreement to acquire Axur, a company specializing in AI-driven external threat detection and takedown. The acquisition will extend Infoblox's preemptive security offerings, enabling customers to combat threats like phishing, brand abuse, and credential theft that originate outside the corporate network. By integrating Axur's rapid takedown capabilities with its own DNS-level controls, Infoblox aims to significantly reduce the uptime of active cyberattacks.

January 17, 2026
3 min read
InfobloxAxurAcquisitionM&AThreat Intelligence +3 more
Infoblox to Acquire Axur, Expanding into AI-Powered External Threat Disruption
Threat Intelligence
Phishing
Other

ColorTokens Xshield Platform Gains FedRAMP Moderate Authorization, Boosting Federal Zero Trust Adoption

INFORMATIONAL

ColorTokens' Xshield Platform Gains FedRAMP Moderate Authorization

ColorTokens has achieved FedRAMP Moderate Authorization for its Xshield microsegmentation platform, a significant milestone that makes the solution readily available to U.S. federal agencies via the FedRAMP Marketplace. This authorization validates Xshield's security posture and enables government bodies to adopt the platform to accelerate their Zero Trust initiatives, particularly in preventing the lateral movement of cyberattacks across complex on-premise, cloud, and OT environments.

January 17, 2026
3 min read
ColorTokensXshieldFedRAMPZero TrustMicrosegmentation +2 more
ColorTokens Xshield Platform Gains FedRAMP Moderate Authorization, Boosting Federal Zero Trust Adoption
Policy and Compliance
Cloud Security
Security Operations

Asimily Boosts Cisco ISE Integration with Enhanced Microsegmentation for IoT/OT Devices

INFORMATIONAL

Asimily Enhances Platform with New Microsegmentation Capabilities for Cisco ISE

Asimily, a provider of cyber asset and exposure management, has launched enhanced microsegmentation capabilities, including new support for Security Group Access Control Lists (SGACL) in Cisco Identity Services Engine (ISE). This integration allows organizations to translate rich device context—such as risk, behavior, and classification—from the Asimily platform into dynamically enforced security policies in Cisco ISE. The goal is to automate the containment of threats across complex IT, IoT, and OT environments.

January 17, 2026
3 min read
AsimilyCisco ISEMicrosegmentationIoT SecurityOT Security +2 more
Asimily Boosts Cisco ISE Integration with Enhanced Microsegmentation for IoT/OT Devices
IoT Security
Security Operations
Industrial Control Systems

SpyCloud Unveils Supply Chain Threat Protection to Combat Third-Party Identity Risks

INFORMATIONAL

SpyCloud Launches Solution to Combat Supply Chain Identity Threats

SpyCloud has launched its Supply Chain Threat Protection solution, a new platform designed to give organizations visibility into identity-related compromises within their vendor and supplier ecosystems. By leveraging a massive repository of recaptured data from breaches and malware infections, the solution provides actionable intelligence on compromised credentials and infected devices affecting third parties. This allows security teams to move beyond static questionnaires and proactively address active threats within their supply chain.

January 17, 2026
3 min read
SpyCloudSupply Chain SecurityThird-Party Risk ManagementTPRMIdentity Threat +2 more
SpyCloud Unveils Supply Chain Threat Protection to Combat Third-Party Identity Risks
Supply Chain Attack
Threat Intelligence
Security Operations

Noction IRP v4.3 Launches with Automated DDoS Detection and Routing-Native Mitigation

INFORMATIONAL

Noction IRP v4.3 Introduces Automatic Anomaly Detection for DDoS Mitigation

Noction has released version 4.3 of its Intelligent Routing Platform (IRP), introducing a major new feature called Automatic Anomaly Detection (AAD). This capability uses behavior-based traffic analysis to rapidly identify DDoS attacks and other network anomalies. Once an attack is detected, the platform can automatically trigger mitigation actions using routing-native mechanisms like BGP FlowSpec or Remote Triggered Blackholing (RTBH), enabling network operators to respond to threats in seconds without relying on external systems.

January 17, 2026
3 min read
NoctionDDoSBGPBGP FlowSpecRTBH +2 more
Noction IRP v4.3 Launches with Automated DDoS Detection and Routing-Native Mitigation
Cyberattack
Security Operations
Patch Management

JumpCloud Unveils AI-Powered Tools to Govern Shadow AI and Manage Autonomous Agents

INFORMATIONAL

JumpCloud Launches AI Tools to Govern Shadow AI and Autonomous Agents

JumpCloud has introduced a suite of AI-powered capabilities for its identity and access management (IAM) platform, designed to help organizations manage the security risks of modern AI adoption. The new features focus on discovering and governing 'shadow AI'—the unsanctioned use of AI tools by employees—and applying Zero Trust principles to manage access for non-human autonomous agents. The goal is to provide IT and security teams with the visibility and control needed to turn a potential liability into a secure source of productivity.

January 17, 2026
3 min read
JumpCloudAIArtificial IntelligenceShadow AIIdentity and Access Management +2 more
JumpCloud Unveils AI-Powered Tools to Govern Shadow AI and Manage Autonomous Agents
Policy and Compliance
Cloud Security
Security Operations

Acronis Debuts S3-Compatible Archival Storage for MSPs with Predictable Pricing

INFORMATIONAL

Acronis Launches S3-Compatible Archival Storage for MSPs

Acronis has launched Acronis Archival Storage, a new long-term, S3-compatible cold storage solution aimed at Managed Service Providers (MSPs) and their SMB clients. Powered by Seagate's Lyve Cloud, the service is integrated into the Acronis Cyber Protect Cloud platform and features a predictable pricing model with no egress or API fees. This addresses a key need for compliant, cost-effective data retention for large volumes of infrequently accessed data, offering WORM immutability and high durability.

January 17, 2026
3 min read
AcronisStorageBackupArchiveMSP +3 more
Acronis Debuts S3-Compatible Archival Storage for MSPs with Predictable Pricing
Cloud Security
Policy and Compliance
Other

Armis Revamps Channel Strategy with Flexible, Tier-Free 'Select Partner Program'

INFORMATIONAL

Armis Launches New 'Select Partner Program' to Enhance Flexibility

Armis, a leader in cyber exposure management, has launched its new Armis Select Partner Program. The revamped global channel initiative moves away from traditional, rigid tiers in favor of a flexible, three-route model: selling, delivering services, and building solutions. This approach allows partners to engage with Armis in a way that best suits their business model, aiming to accelerate the adoption of the Armis Centrix platform and build a more collaborative partner ecosystem.

January 17, 2026
2 min read
ArmisChannel ProgramPartnershipMSSPCybersecurity Industry
Armis Revamps Channel Strategy with Flexible, Tier-Free 'Select Partner Program'
Other

Darktrace Hires Terry Doyle as First Chief Information Officer to Scale Enterprise IT

INFORMATIONAL

Darktrace Appoints Terry Doyle as First Chief Information Officer

AI cybersecurity leader Darktrace has appointed Terry Doyle as its first-ever Chief Information Officer (CIO). Doyle, a veteran technology executive with nearly 30 years of experience, will join the executive committee and be responsible for consolidating the company's enterprise IT and data functions. This strategic hire aims to build enterprise-scale systems and processes to support Darktrace's rapid global growth and enhance its operational discipline.

January 17, 2026
2 min read
DarktraceCIOExecutive MoveCybersecurity IndustryLeadership
Darktrace Hires Terry Doyle as First Chief Information Officer to Scale Enterprise IT
Other

📢 Share This Publication

Help others stay informed about cybersecurity threats