
Detecting Fast Flux with Sysdig Secure and VirusTotal

On April 3, 2025, the National Security Agency and other partner agencies released a critical advisory about DNS and Fast Flux. They even called it a national security threat due to the potential dangers involved. In this article, we’ll go over what Fast Flux is and how Sysdig Secure detects this attack technique. We’ll also cover gathering potential Fast Flux domain names from VirusTotal.

A DLS EMERGEncy! - Record breaking extortion group DLS emergence in 2025

As the threat landscape continues to develop, ransomware and data broker groups constantly emerge, develop, and disband. Cyjax has observed a significant number of new data-leak sites (DLS) emerge in March 2025, with a total of 14 new sites. This is the highest observed number of extortion groups which have emerged in a single month. The second highest number was observed in September 2022, when 10 data-leak sites emerged. Overall, 21 DLSs have been identified in 2025 so far.

Top 33 Leaders in Threat Intelligence 2025

Leadership is the backbone of any successful operation, streamlining complex processes and ensuring that teams work with clarity and direction. In the fast-evolving world of threat intelligence, where vast amounts of data must be analysed and acted upon swiftly, strong leadership becomes even more crucial. As Stephen Covey said, “Effective leadership is putting first things first.

Cloudflare's commitment to CISA Secure-By-Design pledge: delivering new kernels, faster

As cyber threats continue to exploit systemic vulnerabilities in widely used technologies, the United States Cybersecurity and Infrastructure Agency (CISA) produced best practices for the technology industry with their Secure-by-Design pledge. Cloudflare proudly signed this pledge on May 8, 2024, reinforcing our commitment to creating resilient systems where security is not just a feature, but a foundational principle.

CIO POV: Identity and the Unbalanced Tension Between Attacker and Defender

Protecting a large enterprise is like playing goalkeeper in a soccer match. A CISO’s job is to keep the net clean while multiple attackers close in from various angles, aiming to score. No matter how many shots the goalie blocks, a single goal can win the game for the opposition.

44% of US Banks Actioning Their Digital Asset Journey, with Payments as Top Use Case

Not surprisingly, with the new US administration bringing in new policies to support digital asset regulations, US banks have been asking Fireblocks what opportunities this creates for them. In a recent webinar with American Banker, we polled US banks to get insights into how they are incorporating digital assets into their strategies. Here’s what we found.

RBAC in ManageEngine CloudSpend: Empowering teams with secure access

Let’s think about a scenario where an IT operations team needs to track cost anomalies but does not require access to budget configurations or administrative settings. They have to go through the ticketing process to get sufficient access. Managing access to cost data and ensuring the right stakeholders have the appropriate permissions becomes a challenge.

Salesforce Penetration Testing Guide: Steps, Tools & Best Practices

Ask any CTO if they pentest their web apps, APIs, or cloud infrastructure; the answer is almost always yes. But ask if they’ve ever pentested their Salesforce environment, and you’ll likely get a silent, or hesitant, “Doesn’t Salesforce security cover that?” Here’s the problem: Salesforce is not just a CRM. It’s an application stack, a data warehouse, and a workflow engine—all deeply integrated with your business operations.

New Evasive Campaign Delivers LegionLoader via Fake CAPTCHA & CloudFlare Turnstile

Starting February 2025, Netskope Threat Labs has tracked and reported on multiple phishing and malware campaigns targeting victims searching for PDF documents on search engines. Once they open the PDFs, the attackers employ various techniques to direct these victims to malicious websites or trick them into downloading malware.