Data leaks sites (DLSs) commonly debut with a small number of claimed victims. When Cyjax discovered them, newly found DLSs for extortion groups FunkSec and Kairos claimed 11 and six victims, respectively. In contrast, a newly identified possible extortion group which aptly calls itself ’LeakedData’ has emerged onto the scene with an alleged total of 41 victims.

As another year comes to an end, it’s not only Santa who brings presents for those on his nice list. These days, it’s quite common for well-known firms to publish their annual roundups of the most notable events that have taken place in the cybersecurity landscape, together with predictions of what can we expect in next twelve months.

In today's fast-paced software development environment, security can no longer be an afterthought. Product security aims to embed security at every stage of the development lifecycle, and Static Application Security Testing (SAST) plays a crucial role in this process. By scanning source code early in the pipeline, SAST helps developers catch security issues before they reach production.

Attack surface management (ASM) is becoming a vital tool for any organization that utilizes digital assets or is undergoing digital transformation. Whether it’s web applications, IoT devices, or endpoint entry points, every digital asset escalates an attack surface in complexity and size.

Adversaries are advancing faster than ever, exploiting the growing complexity of business IT environments. In this high-stakes threat landscape, generative AI (GenAI) is a necessity. With organizations grappling with skills shortages, sophisticated adversaries and operational complexity, 64% of security professionals have already kicked off their GenAI purchase journey.

Picture this scenario: You’ve used every tool you have to secure your web pages and forms so patient information is safe. One day, a potential patient Googles “hysterectomy options” and ends up on your hospital’s website. They browse around, maybe even schedule an appointment online. You have no reason to worry, right? Because you’ve done what you could to secure those pages.

CMMC assessments began on 16 December. If you handle CUI, here’s 3 things you need to know for CMMC The CMMC final rule change is now live. On 16 December, certified third-party assessment organizations (C3PAOs) officially began assessing DoD contractors. Given the wide disparity between the number of assessment teams (~100) and members of the Defense Industrial Base looking for certification (~100,000), DoD contractors need to ensure they are assessment-ready asap.

Cyber insurance underwriters consider a range of variables to assess the risk a company presents and, consequently, determine premiums. These variables can broadly be categorized into organizational factors, security posture, third-party interactions, and incident history.

Imagine this: you're at home, eagerly waiting for the new device you ordered from Amazon. The package arrives, you power it on, and start enjoying all the benefits of 21st century technology—unaware that, as soon as you powered it on, a scheme was unfolding within this device. Welcome to the world of BADBOX. BADBOX is a large-scale cybercriminal operation selling off-brand Android TV boxes, smartphones, and other Android electronics with preinstalled malware. What does this mean?