Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

EU Digital Operational Resilience Act (DORA): Are You Ready?

The Digital Operational Resilience Act (DORA) is a disruptive policy that came into effect in January 2025 with the objective to boost the cyber resilience of financial institutions in the European Union. As digital transformation increases, it is crucial to ensure the availability, integrity, and confidentiality of critical IT systems to sustain financial market trustworthiness and stability.

Why You Can't 'Opt Out' of Cyber Policy #shorts #datasecuritydecoded #podcast

Public Policy Moves Forward With or Without You. Waiting for your preferred party to take power before engaging in cyber policy isn't just ineffective – it's a missed opportunity to shape critical decisions that affect everyone. Public policy continues to evolve regardless of who holds office, and the cybersecurity landscape waits for no one.

Data Security's Low Hanging Fruit: Redundant, Obsolete, and Trivial Data

In this episode of Into the Breach, James Purvis and Drew Russell tackle the growing issue of ROT data - redundant, obsolete, and trivial data - and its impact on both security and costs. They discuss how CISOs can achieve a win-win by reducing risk and hard costs through effective data management. From cloud migration to legal implications, they explore practical strategies to identify, manage, and eliminate ROT data for a more efficient and secure organization.

3 Trends that Will Shape Cyber Threat Intelligence in 2025

The growing use of AI outside and within organizations is rapidly changing the threat landscape and impacting our approach to threat detection, investigation, and response. As we kick off 2025, the following three trends suggest that cybersecurity practitioners must continue to advance their use of threat intelligence and are making important progress on that front.

Demonstrating reduction of vulnerability classes: a key step in CISA's "Secure by Design" pledge

In today’s rapidly evolving digital landscape, securing software systems has never been more critical. Cyber threats continue to exploit systemic vulnerabilities in widely used technologies, leading to widespread damage and disruption. That said, the United States Cybersecurity and Infrastructure Agency (CISA) helped shape best practices for the technology industry with their Secure-by-Design pledge.

Snyk Recognized as Trusted Partner and Innovator by JPMorganChase

Snyk is the trusted partner for financial services companies, empowering them to modernize application security while safeguarding critical infrastructure. Backed by industry leaders, we are committed to exceeding expectations, driving innovation, and redefining security for financial services. This is one of the reasons Snyk was recently inducted into JPMorgan Chase’s Hall of Innovation, for our central role in helping them to build the future of banking securely.

Snyk Security Labs Testing Update: Cursor.com AI Code Editor

Snyk’s Security Labs team aims to find and help mitigate vulnerabilities in software used by developers around the world, with an overarching goal to improve the state of software security. We do this by targeting tools developers are using, including new and popular software solutions. With the meteoric rise in AI tooling – specifically the fast-growing field of AI-enabled development environments – we have been including such software in our research cycles.

PowerShell Environment Variables

Environment variables are predefined variables in an operating system. They are available as key-value pairs that store important system-level or user-specific information, such as paths, user configurations, and system settings. These variables are accessible in PowerShell scripts and sessions, playing a significant role in tasks like configuring software, adjusting system paths, and managing user-specific settings.

Fireblocks' Off Exchange Eliminates Counterparty Risk and Promotes Transparency

Fireblocks Off Exchange leverages MPC technology to enable traders to allocate and mirror assets directly to an exchange from a wallet they mutually control, protecting their principal from hacks, bankruptcy, and fraud, while providing centralized exchanges with complete on-chain transparency that client accounts are fully collateralized.

The Database Slayer: Deep Dive and Simulation of the Xbash Malware

In the world of malware, common ransomware schemes aim to take the data within databases (considered the "gold" in the vault of any organization) and hold them hostage, promising data recovery upon ransom payment. Typically, most of these schemes follow an expected script: encrypting files, requesting payment, and then delivering a decryption key. This model, while damaging, generally allows victims to recover if they pay the ransom.