Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Meta's impact on fraud and scams

Cyjax’s open-source intelligence team has recently conducted an investigation into Meta’s impact on fraud and scams with regards to advertisements. The investigation consisted of extensive research and data collection from dark web sources, closed and open chats, social media platforms, marketplaces, and threat actor marketing forums.

How Banshee Stealer is Redefining macOS Cyber Threats and Data Theft

MacOS, often regarded for its robust security measures, has increasingly become a target for sophisticated cyber threats. Among the latest examples is Banshee Stealer, a malware engineered to compromise macOS systems by extracting sensitive user information. Developed by Russian cybercriminals and offered at a premium subscription fee of $3,000 per month, this malware underscores the growing attention of threat actors toward macOS platforms.

Why User Activity Monitoring (UAM) is a Must for SMBs

The evolution of the professional work environment and digital transformation continues to challenge the boundaries of traditional workforce management systems and practices. With 28% of workers worldwide working from home at least one day a week, gaining visibility into the digital behavior of the workforce is paramount to effective and secure management.

Top Tool Capabilities to Prevent AI-Powered Attacks

Recent advances in AI technologies have granted organizations and individuals alike unprecedented productivity, efficiency, and operational benefits. AI is, without question, the single most exciting emerging technology in the world. However, it also brings enormous risks. While the dystopian, AI-ruled worlds of sci-fi films are a long way off, AI is helping cyber threat actors launch attacks at a hitherto unknown scale and level of sophistication. But what are AI-powered attacks?

How CISOs Can Sharpen Their Board Pitch for IAM Buy-In

In a time when 94% of companies have experienced an identity-related breach, many CISOs feel the urgency to strengthen identity and access management (IAM) across their organizations. In fact, a recent survey of CISOs found that identity is the top focus area going into 2025. However, communicating IAM’s value to the board remains a challenge—it isn’t enough for these security leaders to craft effective IAM strategies—they must also secure their board’s support.

Ivanti Patches Multiple Critical-Severity Vulnerabilities in Cloud Services Application

On December 10, 2024, Ivanti released updates for three critical-severity vulnerabilities impacting their Cloud Services Application. By chaining the vulnerabilities together, a threat actor could obtain administrative privileges via authentication bypass (CVE-2024-11639), which could then allow for remote code execution (CVE-2024-11172) and/or SQL injection (CVE-2024-11173).

5 Key Data Protection Challenges and How to Overcome Them

Organizations understand their sensitive data is everywhere — and adversaries are after it. Data protection solutions have become an essential part of modern cybersecurity strategies. Organizations realize that in order to avoid a breach, they must have a plan to monitor and control data flow at the user level so they can better understand where data is going, who is accessing it and when malicious activity occurs. But when it comes to deployment and operationalization, things can get complicated.

Corelight delivers static file analysis with YARA integration

Malicious files continue to be a significant threat to organizations; SonicWall reported more than six billion malware attacks in 2023. To help organizations prepare for and stay ahead of these threats, we’re introducing an integration with YARA that offers a deeper level of inspection for files across enterprise networks while helping security teams consolidate their toolset in the process.