Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Some common cyber threats facing the retail industry include ransomware attacks, social engineering, system intrusions and insider threats. The retail sector is often targeted by cybercriminals because of the valuable customer data it processes, including credit card information, Personally Identifiable Information (PII) and shopping patterns. This data is often collected and sold on the dark web for financial fraud or identity theft.

The cloud gives you agility, speed, and flexibility – but it also opens new doors for attackers. For DevOps teams, every line of code, every container, and every deployment pipeline is a potential entry point and missteps are easier than ever. Misconfigurations alone cause 80% of all security breaches in cloud environments, so the stakes are even higher. This poses a severe security risk with wide-ranging consequences, making it evident that cloud-native environments demand a new security mindset.

As 2025 progresses into its second week, it has not taken long for a new data-leak site (DLS) for an extortion group to emerge. December 2024 saw the emergence of LeakedData, FunkSec, and Bluebox. This week, the new group goes by the name Morpheus. Read on to find out what Cyjax knows about this new entrant into the extortion scene so far.

Docker security refers to the build, runtime, and orchestration aspects of Docker containers. It includes the Dockerfile security aspects of Docker base images, as well as the Docker container security runtime aspects—such as user privileges, Docker daemon, proper CPU controls for a container, and further concerns around the orchestration of Docker containers at scale. The state of Docker container security unfolds into 4 main Docker security issues.

Credential stuffing is a type of cyberattack where attackers use stolen username and password combinations, often obtained from previous data breaches, to gain unauthorized access to multiple online accounts. The attacker automates the process of trying these combinations across various websites, hoping that users have reused the same login details.

On September 19th, 2024, a critical vulnerability (CVE-2024-40748) was discovered in Joomla version 5.1.4, exposing their website to stored cross-site scripting (XSS) attacks. Stored cross-site scripting (second-order or persistent XSS) arises when an application receives data from an untrusted source and unsafely includes it within its later HTTP responses. This could lead to attackers injecting malicious scripts into the website, which would be executed whenever a user visits a specific page.

Traditionally, approaches to Attack Surface Management (ASM) went something like this: A business scanned its own IT estate to discover assets and understand what its attack surface actually included. We can think of this as Phase I. Following the completion of an asset inventory, they assessed each of their assets to identify risks and vulnerabilities, such as open ports, certificate issues, DNS misconfigurations, and more.

It’s becoming all too common these days: ransomware hitting another organization. However, most people don’t know exactly what happens when ransomware is found and what must be addressed. What makes it even more challenging for healthcare is that the data that can be stolen, like personal health information, is much more valuable than credit card numbers.

In my experience, computers are only as smart as the person in front of them. Same with AI. The results are dependent on the prompts given. Today, users typing prompts from their brains into Microsoft Security Copilot may find it hard to get value. Prompts with adequate specificity are difficult to create, let alone repeat.

However, the growing convergence of IT and OT due to digital transformation initiatives has exposed OT environments to a wide array of cybersecurity threats, creating an urgent need for robust and tailored security solutions.