Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The virtual world is ever-changing, as are the cybercriminals who continue to evolve in order to circumvent even the strongest security systems. The newest threat to hit the headlines is CoffeeLoader—a second-stage payload dropper designed to bypass endpoint security tools, digital forensic tools, and EDR (Endpoint Detection and Response) tools.

On April 3, 2025, the National Security Agency and other partner agencies released a critical advisory about DNS and Fast Flux. They even called it a national security threat due to the potential dangers involved. In this article, we’ll go over what Fast Flux is and how Sysdig Secure detects this attack technique. We’ll also cover gathering potential Fast Flux domain names from VirusTotal.

As the threat landscape continues to develop, ransomware and data broker groups constantly emerge, develop, and disband. Cyjax has observed a significant number of new data-leak sites (DLS) emerge in March 2025, with a total of 14 new sites. This is the highest observed number of extortion groups which have emerged in a single month. The second highest number was observed in September 2022, when 10 data-leak sites emerged. Overall, 21 DLSs have been identified in 2025 so far.

Leadership is the backbone of any successful operation, streamlining complex processes and ensuring that teams work with clarity and direction. In the fast-evolving world of threat intelligence, where vast amounts of data must be analysed and acted upon swiftly, strong leadership becomes even more crucial. As Stephen Covey said, “Effective leadership is putting first things first.

As cyber threats continue to exploit systemic vulnerabilities in widely used technologies, the United States Cybersecurity and Infrastructure Agency (CISA) produced best practices for the technology industry with their Secure-by-Design pledge. Cloudflare proudly signed this pledge on May 8, 2024, reinforcing our commitment to creating resilient systems where security is not just a feature, but a foundational principle.

Ransomware attacks are one of the most significant and rapidly growing cyber threats facing businesses and individuals alike. Ransomware is a type of malicious software designed to encrypt files on a victim’s system, rendering them inaccessible. The attackers then demand a ransom, usually in cryptocurrency, in exchange for the decryption key needed to restore the data. Failure to comply with the demands can result in permanent data loss or public exposure of sensitive information.

Chief Information Security Officers (CISOs) are at the forefront of the AI transformation, tasked with protecting their organisations from an evolving landscape of risks and vulnerabilities. Understanding how AI integrates into security frameworks is crucial for them to stay ahead of malicious actors. This article delves into the AI revolution's implications for cyber security, highlighting the challenges, concerns, and the evolving roles for CISOs navigating this new terrain.

Organisations face significant challenges in maintaining visibility over their expanding technology footprint. Attack surface management addresses the need to understand what technology assets exist, where they’re located, how vulnerable they are and how supply chains might impact security posture.

Protecting a large enterprise is like playing goalkeeper in a soccer match. A CISO’s job is to keep the net clean while multiple attackers close in from various angles, aiming to score. No matter how many shots the goalie blocks, a single goal can win the game for the opposition.

Not surprisingly, with the new US administration bringing in new policies to support digital asset regulations, US banks have been asking Fireblocks what opportunities this creates for them. In a recent webinar with American Banker, we polled US banks to get insights into how they are incorporating digital assets into their strategies. Here’s what we found.