Law enforcement agencies worldwide have coordinated to take down one of the world’s largest hacker forums, scoring a victory against cybercrime. BreachForums, a notorious marketplace for stolen data, was seized by the authorities on Wednesday, according to a message on its website.

As technology becomes more complex, the need for strong cybersecurity measures has never been more critical. Statistics speak for themselves – according to the 2023 Annual Data Breach Report, the world has seen a 78 percent increase in 2023 in data compromises compared to the previous year. The reasons can be different – from human mistakes and ransomware to security misconfigurations.

When it comes to cloud security and compliance, it’s easy to feel like you’re drowning in a sea of regulations and requirements. But don’t worry; we’re all in the same boat! That’s why we’re thrilled to share our latest point-of-view (POV) paper, “Practical Cloud Security in the Era of Cybersecurity Regulation,” which is crafted with our deep industry expertise and experience.

An organization’s software supply chain includes all the elements involved in developing and distributing software, such as components, tools, processes, and dependencies. Each link in this important chain presents the potential for security threats. Recent research conducted by Gartner shows a major increase in attacks targeting code, tools, open-source components, and development processes, particularly in areas where organizations lack visibility.

Read also: MIT brothers charged with a $25M crypto theft, BreachForums hacking forum seized, and more.

We are excited to announce today that Coralogix has achieved FedRAMP Ready status and is now listed in the Federal Risk and Authorization Management Program Marketplace. This significant milestone underscores Coralogix’s commitment to providing secure, compliant, and efficient observability services to customers, especially within the government sector. This achievement paves the way for Coralogix to provide US government entities with full-stack, cost-effective observability capabilities.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A request for an eye watering amount received an obvious rejection.

It’s been a while since I’ve blogged. Things have been busy; Bitsight released a great report authored by yours truly on CISA’s KEV catalog. It’s really great if I do say so myself so I highly recommend going and giving it a glance.

Rapid7 reports an interesting social engineering scheme that easily bypasses content filtering defenses and creatively uses a fake help desk to supposedly “help” users put down the attack. The Black Basta ransomware group, also covered in a recent CISA warning bulletin, floods a victim’s email inbox with many, many emails. The emails are often otherwise legitimate emails, such as newsletter confirmation emails, which most email content filtering gateways would not block.

Released by the Ponemon Institute and sponsored by Synopsys, the 2024 “The State of Software Supply Chain Security Risks” report surveys over 1,200 global IT and security practitioners on challenges their organizations face in securing the software supply chain. Here are six key findings from the report every cybersecurity professional should know.