Cyjax’s open-source intelligence team has recently conducted an investigation into Meta’s impact on fraud and scams with regards to advertisements. The investigation consisted of extensive research and data collection from dark web sources, closed and open chats, social media platforms, marketplaces, and threat actor marketing forums.

In recent years, “Pig Butchering” scams have rapidly emerged as a significant global threat, primarily targeting individuals with fraudulent investment schemes. This type of scam, originally known for its roots in China, has transformed into a global phenomenon, where victims are led to believe they are making lucrative investments, often in cryptocurrency.

Alert fatigue is the process of burning out and losing sensitivity to security alerts caused by a deluge of security alerts. Security systems generate a constant flow of alerts in modern network environments, ranging from minor irregularities to severe threats. But not all these alerts are equal in importance, and many of them are false positive alerts or low-priority problems.

Malicious files continue to be a significant threat to organizations; SonicWall reported more than six billion malware attacks in 2023. To help organizations prepare for and stay ahead of these threats, we’re introducing an integration with YARA that offers a deeper level of inspection for files across enterprise networks while helping security teams consolidate their toolset in the process.

Recent advances in AI technologies have granted organizations and individuals alike unprecedented productivity, efficiency, and operational benefits. AI is, without question, the single most exciting emerging technology in the world. However, it also brings enormous risks. While the dystopian, AI-ruled worlds of sci-fi films are a long way off, AI is helping cyber threat actors launch attacks at a hitherto unknown scale and level of sophistication. But what are AI-powered attacks?

The evolution of the professional work environment and digital transformation continues to challenge the boundaries of traditional workforce management systems and practices. With 28% of workers worldwide working from home at least one day a week, gaining visibility into the digital behavior of the workforce is paramount to effective and secure management.

Another week, another extortion group data-leak site emerges. Cyjax has continued to observe the emergence of data-leak sites (DLSs) for extortion and ransomware groups. New groups FunkSec, ContFR, Argonauts, Kairos, Chort, and Termite appeared in December and November 2024 alone, bringing this year’s total up to 69. On 11 December 2024, Cyjax identified the emergence of a Tor-based DLS belonging to a new data-leak extortion group going by the name ’Bluebox’.

As we look ahead to 2025, the cybersecurity landscape is poised for significant shifts and challenges. Here are some key predictions that I believe will take place or start to happen in the coming year.

A new report from Hornetsecurity has found that 427.8 million emails received by businesses in 2024 contained malicious content. “Once again, phishing remains the most prevalent form of attack, responsible for a third of all cyber-attacks in 2024,” Hornetsecurity’s researchers write. “This was confirmed by the analysis of 55.6 billion emails, showing that Phishing remains a top concern consistently year over year.

With the advent of cutting-edge technologies like blockchain, the payments space is rapidly evolving. A conversation between Ran Goldi of Fireblocks and Nikola Plecas of Visa Crypto took listeners on a deep dive into the world of digital assets, blockchain, and the role and potential of stablecoins in global payments.