Data encryption as your last line of defense — protecting data at rest and in transit, why key management matters, and how to apply encryption practically across your business.

seen from Malaysia
seen from Colombia
seen from United States

seen from Russia

seen from United States

seen from United States
seen from China
seen from United States
seen from United States
seen from United States

seen from Malaysia
seen from Finland

seen from United States
seen from Türkiye

seen from Malaysia
seen from Malaysia

seen from United States
seen from Romania
seen from Romania
seen from United States
Data encryption as your last line of defense — protecting data at rest and in transit, why key management matters, and how to apply encryption practically across your business.
2 stablecoins européens victimes d’un hack : MiCA n’a rien empêché
La plateforme StablR a fait face à une cyberattaque majeure, perturbant la parité de ses stablecoins, l'Euro StablR et le Dollar StablR.
➤ The StablR platform experienced a major cyberattack, leading to a loss of parity for its Euro StablR (EURR) and Dollar StablR (USDR) stablecoins. ➤ The attack exploited a vulnerability in the multisignature key management system, allowing for the unbacked issuance of millions of tokens. ➤ Despite operating under the EU's MiCA regulation and having a license from Malta, the incident highlights internal governance and operational security failures, impacting investor confidence.
Security Playbook for Digital Assets Experts: Wallet Hardening, Key Management, and Incident Response
Learn wallet hardening, MPC and HSM key management, and incident response steps to protect digital assets from drainers, poisoning, and insider risk.
➤ This article outlines a security playbook for digital asset experts focusing on wallet hardening, key management (MPC/HSM), and incident response to combat threats like wallet drainers and policy misconfigurations. ➤ It emphasizes a tiered custody model (hot, warm, cold) and removing single points of failure in key management, advocating for multi-party computation (MPC) and Hardware Security Modules (HSMs). ➤ The playbook details preparation, detection, containment, eradication, and recovery phases for incident response, stressing the importance of policy correction and compliance alignment for institutional-grade security.
MoonPay Buys Sodot in Institutional Crypto Push
MoonPay bought Sodot as it launched an institutional crypto unit focused on key management and digital asset infrastructure.
➤ MoonPay has acquired Sodot, an Israeli crypto security infrastructure company, to launch its new institutional digital asset business, MoonPay Institutional. ➤ The acquisition aims to provide financial institutions, asset managers, and trading firms with key management, transaction controls, and broader digital asset infrastructure. ➤ Led by former CFTC acting chair Caroline Pham, MoonPay Institutional's focus on security and regulatory compliance signals a strategic shift towards serving traditional finance players entering the crypto space.
MoonPay Establishes Institutional Arm Following Sodot Acquisition
MoonPay is establishing a dedicated institutional unit by acquiring Sodot, an Israeli provider of crypto security infrastructure, and plans to use Sodot’s key-management technology as the backbone for services tailored to banks, asset managers, trading firms, and exchanges enteri...
➤ MoonPay is launching a dedicated institutional division by acquiring crypto security infrastructure provider Sodot, leveraging its key-management technology for traditional finance players entering digital asset markets. ➤ The acquisition, valued at approximately $100 million, aims to expand MoonPay's services beyond retail payments to enterprise-grade infrastructure, including custody, wallet management, and stablecoin issuance. ➤ Caroline Pham, former acting chair of the CFTC, will lead the new unit, emphasizing the growing importance of robust security and regulatory compliance for institutional adoption of digital assets.
MoonPay buys Sodot to power new institutional crypto services unit
Crypto payments firm MoonPay is stepping further into institutional services after acquiring Sodot, a startup focused on digital asset security. The company said Wednesday that it will use Sodot’s key management technology as the backbone of a newly formed division…
➤ MoonPay has acquired Sodot for approximately $100 million to bolster its institutional crypto services, leveraging Sodot's key management technology. ➤ The new institutional division will cater to financial institutions, asset managers, and exchanges, offering services in trading, tokenized assets, payments, and custody. ➤ This acquisition highlights the growing demand for secure crypto custody solutions as traditional finance firms increasingly enter the digital asset space.
MoonPay buys crypto security firm Sodot in $100M push into institutional crypto
Crypto payments platform MoonPay is launching an institutional unit after acquiring Sodot, an Israeli crypto security infrastructure provider.MoonPay on Wednesday announced the acquisition of Sodot, using Sodot’s key management technology as the core infrastructure layer of its new business serving…
➤ MoonPay has acquired crypto security firm Sodot for approximately $100 million to launch an institutional unit focused on digital asset markets. ➤ The new unit will leverage Sodot's key management technology to serve financial institutions, asset managers, and trading firms, expanding MoonPay's services beyond retail payments. ➤ This move highlights the increasing demand for secure wallet and custody infrastructure from traditional finance as they enter the digital asset space.
HashiCorp Vault and the Practical Power of Secret Engines
In this blog, we will learn about Hashicorp Vault and the practical power of secret engines.
As organizations move toward cloud-native infrastructure, containers, and automation pipelines, managing sensitive data has become increasingly complex. Every application depends on credentials—database logins, API keys, encryption keys, certificates, and tokens. When these secrets are stored in configuration files or embedded in code, they create serious security risks. A single leak can expose entire systems.
HashiCorp Vault addresses this challenge by acting as a centralized security control plane for secrets. Rather than scattering credentials across environments, Vault securely stores, generates, and manages access to sensitive information. What makes Vault especially powerful is its modular system, known as Secret Engines.
Secret Engines are components that handle different categories of secrets and define how they are created, accessed, and revoked. Let’s explore how they are used in real-world environments.
Dynamic Database Credentials
One of Vault’s most valuable features is its ability to generate credentials dynamically. Instead of using permanent usernames and passwords for databases, Vault can create temporary accounts whenever an application requests access.
For example, if a microservice needs to query a PostgreSQL database, Vault generates a unique username and password with limited permissions. These credentials automatically expire after a defined time. This eliminates the need for manual password rotation and drastically reduces the damage caused by credential leaks.
Cloud Access Key Management
Cloud environments rely heavily on access keys. Vault integrates with providers such as AWS and Azure to produce short-lived access credentials on demand. Rather than sharing long-term cloud keys among teams, organizations can issue temporary keys that expire automatically. This approach strengthens security while maintaining operational flexibility.
PKI and Certificate Automation
Managing SSL/TLS certificates across distributed systems can become overwhelming. Vault’s PKI Secret Engine functions as an internal certificate authority. It can issue, renew, and revoke certificates programmatically.
In service-to-service communication, especially within Kubernetes clusters, Vault can provide short-lived certificates that secure encrypted connections without requiring manual certificate distribution.
Secure Storage for Application Secrets
Vault also offers a key-value secrets engine for storing static data such as API tokens or third-party service credentials. Access to these secrets is governed by detailed policies, ensuring that users and services only retrieve what they are explicitly permitted to access.
Identity-Based Access Control
Security is not only about storing secrets but also controlling who can use them. Vault integrates with identity providers and supports policy-driven access control. Combined with auditing features, organizations gain visibility into who accessed what and when.
Final Thoughts
HashiCorp Vault is more than a password vault. It is a comprehensive secrets management platform designed for modern infrastructure. Through its Secret Engines, Vault enables dynamic credential generation, automated certificate management, and strict access governance. By replacing static secrets with controlled, short-lived access, organizations can significantly reduce risk while improving automation and scalability.