It is nearing 2025, and data-leak sites (DLSs) for extortion groups continue to emerge. November 2024 continues this trend, with Cyjax observing the thirteenth most recent materialisation of a DLS for an extortion group calling itself “Kairos”. At the time of writing, Kairos has claimed attacks against six victims, two of which have acknowledged significant data breaches in 2024. However, it is unclear whether these are related.

As organizations continue to embrace digital transformation, their infrastructure increasingly spans cloud environments, third-party integrations, and remote work setups. This shift enhances efficiency and productivity—but also broadens the digital attack surface, creating new points of exposure to the public internet.

It is hard to believe that World IPv6 Launch Day was 12 years ago on 6 June 2012, and while worldwide adoption of IPv6 continues to accelerate, uptake has not been as fast as anticipated. The purpose of the World IPv6 Launch Day was to encourage service providers and web companies to test their services and evaluate their capabilities in the face of the global exhaustion of IPv4 addresses.

Let’s take a look at how traditional vulnerability assessment (VA) tools compare to those built specifically to assess database security. General vulnerability assessment tools have been in use for more than 25 years, so the technology is mature. However, there are significant differences in the tools available and their specific purposes regarding database security management. Many VA solutions on the market offer general vulnerability assessments, focusing on a wide range of IT assets.

Whether it’s logging into social media, making an online purchase, or accessing government services, digital IDs are a popular way to verify a person online across various apps and platforms. However, the challenge arises when you need to manage and secure all your digital IDs, like email addresses, credentials, and personal information. Well, the way digital identities are managed today often involves a centralized system like social media apps and platforms, which can leave individuals vulnerable.

Hacktivism – the practice of carrying out cyberattacks to advance political or social goals – is not new. Hacktivist attacks go as far back as the 1980s. Yet today’s hacktivists often look and operate in ways that are markedly different from their predecessors. They’ve embraced new techniques, they often have more resources at their disposal and they can prove more challenging to stop.

Today, we’re excited to announce that Fireblocks has expanded our blockchain support with the addition of Unichain – a Superchain L2 built by Uniswap Labs that’s designed to be the home for DeFi and liquidity across chains. At Fireblocks, we are committed to continually delivering the fastest blockchain support and building secure solutions to access and trade across DeFi platforms.

Data-handling platforms such as Azure DevOps are often relied on by many different modern organizations, therefore it is important to secure such environments. These widely used platforms simplify DevOps processes like project management and the work of developers. However, there is a downside, the rise of technology brings an increased risk of cyber attacks.

Application Security Posture Management (ASPM) emerged to address gaps in traditional application and cloud security scanners – like SAST, SCA, secrets detection, IaC scanning, CSPM, and many others – that generate noisy alerts and silo security insights across various tools. By providing a consolidated view of product security risks that are prioritized according to their business and runtime context, ASPM helps security teams understand which issues truly matter.

With 2025 just around the corner, we have once again reached out to our deep bench of experts to read the tea leaves and give us a sense of the trends and themes that they expect to see emerging in the new year. Here’s what the Netskope experts think is in store for next year.