Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In a bad dream, you open the closet. You think you know exactly what’s in there: a few SSH keys, a bunch of TLS certificates, and some secrets like API keys locked in what you believe to be a safe place. But pull it all out and suddenly you find yourself face-to-face with stacks of forgotten ciphers, drawers stuffed with expired certificates, and algorithms in use you thought teams had left behind in 2011. And that’s just for one application.

In this episode of Security Matters, host David Puner sits down with Matt Barker, CyberArk’s VP and Global Head of Workload Identity Architecture, for a deep dive into the exploding world of machine identities and the urgent need to rethink how to secure them.

If your organization collects personal information from Canadian residents—whether through e-commerce websites, SaaS applications, or marketing platforms—PIPEDA likely applies to you. The challenge? PIPEDA’s principles-based framework is intentionally broad, making it difficult for organizations to know where they stand. One of the most overlooked areas of compliance is the client-side of web applications, where third-party scripts, pixels, and tag managers quietly handle customer data.

Every audit turns up a few surprises. A missing patch here. A policy that was missing a few key processes. An employee training record that slipped through the cracks. Together all of these gaps tell a story: somewhere, a control isn’t doing what you expect. ‍ In GRC, we give those events names, issues, risks, and exceptions, and the way they connect is what separates a reactive program from a resilient one. ‍

Sr. Technical Content Strategist The LimaCharlie SecOps Cloud Platform, now available on Google Cloud Marketplace, delivers the building blocks enterprise SOCs need to integrate, customize, and manage security operations their way: API-First Architecture- Integrate existing solutions, telemetry sources, and third-party resources to standardize your security stack and centralize control over operations. Modular and Scalable- Deploy only the capabilities you need.

Coralogix is excited to announce a major enhancement to our Unified Threat Intelligence (UTI) capabilities – now with expanded IOC matching beyond IPs. While our earlier focus was primarily on detecting malicious IP addresses, threats have evolved. Attackers now hide behind encrypted traffic, disposable domains, and polymorphic files. To stay ahead, we’ve normalized new critical fields – JA3, JA4, domain, URL, and file hash and integrated them into our UTI engine.

Last night, our automated Aikido Intel system alerted us that potentially malicious code was detected in some packages within the @nx scope, which include packages with as many as ~6 million weekly downloads. The scope and impact of this breach are significant, as the attacker chose to publish the stolen data directly on GitHub, rather than sending it to their own servers. This means that there’s a SIGNIFICANT amount of credentials that are publicly available on GitHub.

Cybercriminals frequently target Small and Medium-sized Businesses (SMBs) due to their limited security resources. As cyber attacks become more sophisticated, SMBs must proactively defend their critical systems and sensitive data by investing in the right cybersecurity tools. Some cybersecurity tools that every SMB should consider adding to their security stack include a password manager, a Privileged Access Management (PAM) solution, a secure remote access solution and a secrets manager.

On August 20, 2025, Salesloft published an advisory describing a security issue potentially affecting the Salesloft Drift integration with Salesforce. On August 26, Google Threat Intelligence Group (GTIG) provided additional details about the campaign, in which a threat actor known as UNC6395 authenticated against Salesforce customer instances using compromised OAuth tokens tied to the Salesloft Drift integration with Salesforce.

One can’t discuss the modern state of endpoint security without mentioning a term that has quickly become ubiquitous with security solutions: artificial intelligence (AI). With a constantly evolving threat landscape and many security challenges plaguing organizations (e.g sprawling attack surfaces, monitoring and continuity gaps, alert overload, and limited resources), it’s clear that endpoint security must evolve as well, and the most-promising advancement is AI.