First Publishied Nov 6th 2023 Updated May 9th 2024 Last seen on this month, 8Base is a ransomware collective that initiated its operations in April 2022. Despite its relatively short time in the cyber landscape, the group has swiftly garnered a reputation for its forceful strategies and the substantial volume of victims it has affected.

As with every year, the Verizon DBIR is released, with data involving more than 10,000 breaches that have been dissected and used to create the report’s baseline. Cyberint’s Research team inspected the document to understand where the cyber security realm is heading, the important trends in data breaches and incidents, and what we need to look for moving forward in 2024.

The UK, US, and Australia have revealed the identity of Dmitry Khoroshev, a Russian national and the leader of the once-notorious LockBit ransomware group, following an international disruption campaign led by the National Crime Agency (NCA).

You know that sinking feeling after you hit “commit”? That moment when you suddenly wonder, “Wait, did I just accidentally expose an API key or hardcode a password?” We’ve all been there, and the risks are no joke. But here’s the good news—there’s a way to ditch that anxiety for good. In 2023, GitHub’s automated scanning blocked over 12.8 million leaked secrets. Code leaks are every developer’s worst nightmare.

Removing friction between DevOps and Security teams can only lead to good things. By pulling in the same direction, DevOps can make sure developers continue to work with minimum interruption, while automation and background processes make security more effective and consistent than before. And, security teams have the visibility and understanding of the software development life cycle (SDLC), to improve developer experience and reduce risks and incidents for the organization.

The Rolling Stones wanted to protect their space; we, as security practitioners, need to protect ours. Data 'castles' in the cloud are out there, and they're constantly under siege. By drawing inspiration from a band that embodied personal freedom, we can draw some – okay, very stretched - parallels to modern cloud security. Nonetheless, they work. And we all knew this blog was coming. And if you read the blog backward you can hear the name of the latest malware family... Maybe.

Classrooms have never been more connected. Many students are issued laptops or tablets instead of textbooks, while teachers and administrators rely on dozens of apps and connected devices like Smartboards to provide instruction, track grades, manage bus schedules, create budgets, and orchestrate countless other school-related activities.

New analysis of cyber attacks shows ransomware attacks are running far more rampant than previously thought, with half of organizations blaming poor cyber hygiene. After last year’s shocking stat that 70% of organizations pay the ransom, it’s really surprising to see that an even greater percentage (91%) have paid a ransom at least once in the last 12 months – this according to Extrahop’s 2024 Global Cyber Confidence Index.

Behavioral threats and social engineering attacks target the human psyche rather than exploiting technical vulnerabilities. They rely on psychological manipulation, deception, and exploiting human trust to trick individuals into divulging sensitive information, clicking on malicious links, or taking actions that compromise security. Understanding these tactics and the human behaviors they exploit is key to effectively mitigating email security risks.

For security analysts navigating an increasingly complex threat landscape, the ability to quickly identify and respond to attacks is critical. Security information and event management (SIEM) tools have been integral to helping security teams quickly respond to attacks. Now, in the era of generative AI, Elastic is changing the game by delivering AI-driven security analytics to replace SIEM and modernize the SOC.