Data security is vital to your organization’s well-being. A single data breach costs $4.88 million on average, according to IMB’s Cost of a Data Breach Report 2024. Besides financial losses, data exfiltration may damage a brand’s reputation, cause operational disruptions, and result in legal actions. Therefore, giving maximum attention to your cybersecurity measures and constantly enhancing them is a must.

A phishing campaign is targeting users with phony offers to beta test new video games, according to researchers at Malwarebytes. The phishing messages are sent via Discord, email, or text message. The messages purport to come from a game developer, and include a link to download an archive supposedly containing the game’s installer.

Opti9’s partnership with Backblaze has reached an important new milestone: the launch of the Canada East (CA East) data region. By leveraging Opti9’s expertise in Canadian data centers, Backblaze is now able to expand its footprint and meet the growing demand for compliant, high-performance cloud storage solutions in Canada.

In 2024, the public sector faced a number of data breaches, highlighting the vulnerability of government agencies and public institutions in the face of evolving cyber threats. From leaked sensitive data to ransomware attacks targeting critical infrastructure, these incidents exposed significant gaps in cybersecurity measures. As cybercriminals grow more sophisticated, the stakes for protecting personal and national data have never been higher.

Some common cyber threats facing the retail industry include ransomware attacks, social engineering, system intrusions and insider threats. The retail sector is often targeted by cybercriminals because of the valuable customer data it processes, including credit card information, Personally Identifiable Information (PII) and shopping patterns. This data is often collected and sold on the dark web for financial fraud or identity theft.

The cloud gives you agility, speed, and flexibility – but it also opens new doors for attackers. For DevOps teams, every line of code, every container, and every deployment pipeline is a potential entry point and missteps are easier than ever. Misconfigurations alone cause 80% of all security breaches in cloud environments, so the stakes are even higher. This poses a severe security risk with wide-ranging consequences, making it evident that cloud-native environments demand a new security mindset.

As 2025 progresses into its second week, it has not taken long for a new data-leak site (DLS) for an extortion group to emerge. December 2024 saw the emergence of LeakedData, FunkSec, and Bluebox. This week, the new group goes by the name Morpheus. Read on to find out what Cyjax knows about this new entrant into the extortion scene so far.

Docker security refers to the build, runtime, and orchestration aspects of Docker containers. It includes the Dockerfile security aspects of Docker base images, as well as the Docker container security runtime aspects—such as user privileges, Docker daemon, proper CPU controls for a container, and further concerns around the orchestration of Docker containers at scale. The state of Docker container security unfolds into 4 main Docker security issues.

Credential stuffing is a type of cyberattack where attackers use stolen username and password combinations, often obtained from previous data breaches, to gain unauthorized access to multiple online accounts. The attacker automates the process of trying these combinations across various websites, hoping that users have reused the same login details.

On September 19th, 2024, a critical vulnerability (CVE-2024-40748) was discovered in Joomla version 5.1.4, exposing their website to stored cross-site scripting (XSS) attacks. Stored cross-site scripting (second-order or persistent XSS) arises when an application receives data from an untrusted source and unsafely includes it within its later HTTP responses. This could lead to attackers injecting malicious scripts into the website, which would be executed whenever a user visits a specific page.