Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Coralogix is excited to announce a major enhancement to our Unified Threat Intelligence (UTI) capabilities – now with expanded IOC matching beyond IPs. While our earlier focus was primarily on detecting malicious IP addresses, threats have evolved. Attackers now hide behind encrypted traffic, disposable domains, and polymorphic files. To stay ahead, we’ve normalized new critical fields – JA3, JA4, domain, URL, and file hash and integrated them into our UTI engine.

Sr. Technical Content Strategist The LimaCharlie SecOps Cloud Platform, now available on Google Cloud Marketplace, delivers the building blocks enterprise SOCs need to integrate, customize, and manage security operations their way: API-First Architecture- Integrate existing solutions, telemetry sources, and third-party resources to standardize your security stack and centralize control over operations. Modular and Scalable- Deploy only the capabilities you need.

Every audit turns up a few surprises. A missing patch here. A policy that was missing a few key processes. An employee training record that slipped through the cracks. Together all of these gaps tell a story: somewhere, a control isn’t doing what you expect. ‍ In GRC, we give those events names, issues, risks, and exceptions, and the way they connect is what separates a reactive program from a resilient one. ‍

If your organization collects personal information from Canadian residents—whether through e-commerce websites, SaaS applications, or marketing platforms—PIPEDA likely applies to you. The challenge? PIPEDA’s principles-based framework is intentionally broad, making it difficult for organizations to know where they stand. One of the most overlooked areas of compliance is the client-side of web applications, where third-party scripts, pixels, and tag managers quietly handle customer data.

In this episode of Security Matters, host David Puner sits down with Matt Barker, CyberArk’s VP and Global Head of Workload Identity Architecture, for a deep dive into the exploding world of machine identities and the urgent need to rethink how to secure them.

In a bad dream, you open the closet. You think you know exactly what’s in there: a few SSH keys, a bunch of TLS certificates, and some secrets like API keys locked in what you believe to be a safe place. But pull it all out and suddenly you find yourself face-to-face with stacks of forgotten ciphers, drawers stuffed with expired certificates, and algorithms in use you thought teams had left behind in 2011. And that’s just for one application.

The old phrase “we’re only human, after all” is what cyber-adversaries are relying upon to gain access to intellectual property, data, and credentials. Adversaries prey on the humanity in us to read an unsolicited email, act out of a sense of urgency, or succumb to their scare tactics. We are bombarded with social engineering scams daily. Why do some of us fall victim while others see through veiled attempts at getting us to relinquish something of value?

On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with credential-harvesting malware. Using GitGuardian's monitoring data, we analyzed the exfiltrated credentials and reconstructed a fuller scope of exposure.

I still remember the soft whir of the server room fans and that faint smell of ozone when we, a team of cybersecurity analysts, traced a spike in traffic to a “harmless” low-code workflow. A store manager had built a nifty dashboard to pull sales numbers. It looked tidy, almost playful – boxes, arrows, green check marks. Under the hood, it was hitting an internal API without proper authentication.

Shared workstations are essential to productivity in manufacturing, but they can also create blind spots in your organization’s security. Inadequate identity verification, poor security practices, and a lack of accountability make them a prime target for ransomware, phishing, and insider attacks. Security leaders often aren’t sure about where to begin when securing shared workstations.