Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Coast Guard is the only branch of the United States military in the Department of Homeland Security. It enforces federal law, controls the nation’s borders and maritime Approaches, and protects the United States ports and waterways. The premier maritime law enforcement agency has about 55,000 civilian employees and military service members. Like any other military branch, the Coast Guard maintains systems that store national security intelligence and personnel records.

Mars Hydro is a leading Chinese brand producing a wide range of Internet of Things (IoT) devices for indoor gardening and the hydroponics industry. It specializes in designing energy-efficient LED grow lights catering to various plant growth stages, from seedling to flowering, ensuring optimal yield for users.

For our introduction to the challenge, please see Part I.

When it comes to vulnerability management, time is critical - the longer a vulnerability goes unaddressed, the greater the risk. Security teams need efficient, reliable processes that don’t drain resources. For most teams, relying on human effort alone isn’t sustainable or scalable. This is why so many teams turn to workflow orchestration and automation.

Researchers at Cyble warn that a phishing kit is abusing the Open Graph (OG) protocol to target social media users. The Open Graph protocol, originally developed by Facebook in 2010, allows users to control the content preview that’s displayed when a link is posted on social media. The phishing kit, dubbed “OG Spoof,” abuses this feature to post malicious links that appear legitimate.

Phishing and malicious emails remained the primary vectors of infection during the second half of 2024, according to a new report from Acronis. “The number of email-based attacks detected in the second half of 2024 increased 197% compared to the second half of 2023, while the number of attacks per organization within the same time frame increased by 21%,” the report says.

Another major crypto exchange has fallen victim to a hack—this time, Bybit. While the full impact is still unfolding, one thing remains undeniable: storing assets in exchange wallets exposes traders to unnecessary risks. In today’s market, this risk is increasingly unnecessary and manageable, particularly with solutions like off exchange settlement.

2024 saw data-leak sites (DLSs) for 72 extortion groups materialise. As of February 2025, Cyjax has identified DLSs for five new groups, as noted in recent blogs on extortion groups Kraken, Morpheus, GD LockerSec, and Babuk2. The fifth one to emerge goes by the name Linkc. Read on to find out what Cyjax knows so far about this new entrant into the data leak extortion scene.

Technology is rapidly redefining how we live and work. As CIO at CyberArk, I often get asked about the themes and realities shaping today’s tech agenda. Some of them—I’m looking at you, AI—are shiny and hyped, while others are familiar and fundamental yet equally important. Here’s a look at five on the top of my list.