Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In today’s digitally driven world, cybersecurity is no longer just an IT concern, it’s a business imperative. Enter the Chief Information Security Officer (CISO): the executive responsible for overseeing an organisation’s information and cybersecurity strategy. From managing threats and risks to ensuring compliance and resilience, a CISO is critical in protecting a company’s digital assets and reputation.

In 2024, Cyjax observed the emergence of 72 extortion and ransomware group data-leak sites (DLSs). As of mid-April 2025, Cyjax has identified DLSs for 27 new groups this year, as noted in recent blogs on Morpheus, GD LockerSec, Babuk2, Linkc, Anubis, Arkana, Frag, and RALord.

In today’s digital-first world, cyber threats are not only increasing in volume, but they’re also becoming more targeted, coordinated, and expensive. According to IBM’s Cost of a Data Breach Report 2024, the global average data breach cost has reached USD 4.88 million, a 10% increase over last year and the highest total recorded to date.

CYJAX, a leader in advanced threat intelligence, and Cyro Cyber, a trusted managed security services provider, are pleased to announce a strategic partnership aimed at delivering comprehensive cybersecurity solutions to organisations worldwide.

Fraudsters are relentless in their pursuit, targeting physical cards, intercepting personal data, and exploiting online vulnerabilities, all with minimal risk and significant financial reward. In the first half of 2024 alone, unauthorised payment card fraud surged to over £275 million, marking a 7% increase compared to the previous year, according to UK Finance. While the risks associated with fraudsters are well understood, apprehending them remains a significant challenge.

A new activist group is targeting insurance companies. Boycott Bloody Insurance (BBI) aims to raise awareness of the insurance industry’s role in perceived global injustices. Escalatory tactics that disrupt insurers’ day-to-day operations are possible. This may include physical threats against premises and individuals and/or logical threats, such negative social media or cyberattacks.

Initial access brokers (IABs) form a key part of the cybercriminal ecosystem. They facilitate access for ransomware groups, data leakers, and advanced persistent threat groups (APTs) into corporate networks. They are highly specialised, professional, and operate in an established, lucrative market which is often characterised by rigid rules and conventions. Every ransomware incident or data breach begins with initial access, following the reconnaissance phase of an attack.

Leadership is the backbone of any successful operation, streamlining complex processes and ensuring that teams work with clarity and direction. In the fast-evolving world of threat intelligence, where vast amounts of data must be analysed and acted upon swiftly, strong leadership becomes even more crucial. As Stephen Covey said, “Effective leadership is putting first things first.

As the threat landscape continues to develop, ransomware and data broker groups constantly emerge, develop, and disband. Cyjax has observed a significant number of new data-leak sites (DLS) emerge in March 2025, with a total of 14 new sites. This is the highest observed number of extortion groups which have emerged in a single month. The second highest number was observed in September 2022, when 10 data-leak sites emerged. Overall, 21 DLSs have been identified in 2025 so far.

Threat intelligence is a vast and evolving field that encompasses a wide range of concepts, methodologies, and terminologies. Whether you are a cybersecurity professional, an analyst, or someone looking to enhance your understanding of the domain, being familiar with key terms is essential. However, the sheer number of acronyms and technical jargon used in threat intelligence can often be overwhelming and difficult to keep up with.