Human error behind misconfigurations, a host of insecure remote access issues, exposed business credentials with reused passwords and unpatched vulnerabilities have all contributed to a significant increase in cloud security incidents. Many organizations don’t foresee the challenges of what it will take to protect their data and operations after a move to the cloud.
Undeniably, many companies fail to subscribe to an effective process for developing software that does not introduce added risk to the enterprise. Proprietary applications are coded without regard for security implications and are rushed to production in the name of increased quarterly revenue opportunities. Poorly engineered code can result in software security issues such as buffer overflows, improperly handled exceptions, memory leaks and input validation issues.
In late 2022, artificial intelligence (AI) chat and conversational bots garnered large followings and user bases. AI chatbots, including ChatGPT, Meta’s Blender Bot3 and DeepMind, and Google’s Sparrow, have numerous benefits and uses, including potentially replacing current search engines, but there are notable drawbacks.
A major logistics company was hit by a ransomware attack at a time when it was reviewing and upgrading its cybersecurity defense. Kroll provided seamless incident response to enable the company to act quickly to mitigate and minimize the damage caused by the attack. The company also deployed Kroll Responder, Kroll’s award-winning Managed Detection and Response (MDR) solution, giving it comprehensive 24/7 visibility and management of threats and enhancing its long-term cyber resilience.
As part of a project to obtain more awareness of initial attack vectors outside of the common phishing and web application exploitation, Kroll’s Cyber Threat Intelligence team has developed a tool to enable the enhanced monitoring of the Python Package Index (PyPI) to find and obtain malicious packages that are added to it.
Bloor analyzed the most often cited MDR providers delivering technology-agnostic services and named Kroll a Champion. Nearly three years since Bloor Research analyzed the managed detection and response (MDR) landscape, its 2023 MDR Market Update shows a maturing market sector where vendors go beyond endpoint detection and response (EDR) to ingest a variety of telemetry, including cloud services, and develop more robust incident response (IR).
Kroll helps development teams build agile penetration testing programs that prioritize security posture throughout the project life cycle while maintaining a rapid release cadence. When it comes to modern application delivery, speed and agility are the name of the game. Customer demands are driving rapid release cycles, pushing development teams to create new products and to update existing ones at a much more aggressive pace.
In a year where headlines were dominated by the global economic and geopolitical uncertainty around Russia’s war on Ukraine, 2022 saw a threat landscape that was both volatile and fragmented, largely due to the war. As the year drew to an end, ransomware hit a peak, primarily due to the rise in attacks impacting the manufacturing, health care, technology and telecommunications industries.
The threat actor group behind Royal ransomware first appeared in January 2022, pulling together actors previously associated with Roy/Zeon, Conti and TrickBot malware. Originally known as “Zeon” before renaming themselves “Royal” in September 2022, they are not considered a ransomware-as-a-service (RaaS) operation because their coding/infrastructure are private and not made available to outside actors.
Hive has been seized by law enforcement, but were likely to still see these initial access methods and tactics used across other threat actor groups.
