Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today, businesses don’t just rely on digital networks—they’re woven into them, with partners, third-party apps, and cloud platforms shaping their every move. Yet, every click, swipe, and connection opens a new door for attackers. As of August 2024, a staggering 52,000 new common vulnerabilities and exposures (CVEs) were identified worldwide, with last year alone witnessing a record 29,000 CVEs. These numbers paint a clear picture: cyber threats are multiplying at an alarming rate.

Following the emergence of data-leak sites (DLSs) for new extortion groups Kairos, Chort, Termite, and CONTfr, Cyjax has observed a DLS for a group going by the name ’Argonauts Group’. This group has claimed 10 victims so far. This brings the total of new DLSs discovered this month to seven, with a few days remaining in November.

Today, we’re thrilled to announce Jit Tags, which organizes security risks across your environment by microservice, application, business unit, and other vectors, while providing a high-level risk overview of each component.

Microsoft 365 (M365) has become the industry standard for business email platforms, allowing users access to a variety of interconnected productivity and communication applications. With data readily available across multiple applications within M365, threat actors are using a specific technique to exfiltrate data within a user’s M365 email account.

The rapid adoption of cloud technologies and the increasing reliance on distributed workforces have transformed the modern business landscape. However, these shifts come with significant risks, particularly concerning the protection of sensitive data.

When the tools in your security stack work together, it reduces administration overhead, lowers costs, and increases protection across your organization. That’s why we’ve spent the last year deepening our partnership and product integrations with AWS and other security providers in their ecosystem.

API abuse and web application bot attacks are often confused. This is understandable, as both involve automated interactions and are usually executed by bots. Both attack vectors are prevalent; criminals are always eager to disrupt the foundations on which businesses base their operations to achieve their malicious goals and they frequently automate their actions for maximum results.

Welcome to the second part of our investigation into the Rockstar kit, please check out part one here. This blog tackles real-world Rockstar 2FA email examples incorporating noteworthy techniques.