In this blog post, we discuss the key security issues of the last year and explore what this could mean for 2022. With the continuous exploitation of vulnerabilities which took place in 2021 likely to continue in 2022 and beyond, organisations can benefit from conducting tabletop exercises using some of the scenarios presented below.

Here, security experts from across Redscan and Kroll share their top tips for boosting your cyber resilience in the year ahead.

In this blog post, we explore Cloud Controls Matrix, what’s included in the framework and how it can provide value for organisations.

Sideloading is the installation of software from a third party rather than an approved source, for example applications that are not available from official vendors or app stores. This hack is creating yet another valuable opportunity for cybercriminals.

Our latest analysis of the National Vulnerability Database (NVD) has revealed that 2021 has now officially broken the record for common vulnerabilities and exposures (CVEs) logged by researchers. NIST is the US National Institute of Standards and Technology, and its National Vulnerability Database (NVD) is a repository of Common Vulnerabilities and Exposures (CVEs).

We were recognised for both our Incident Response and Managed Detection & Response services.

Previously described as “the world’s most dangerous malware” before being shut down by law enforcement and judicial authorities in January 2021, the Emotet botnet has now returned. In this blog post, we outline its current attack methods and the key questions organisations should ask to protect themselves.

Defending against loader-type malware is crucial to avoid a potential ransomware incident, given the fact that is the foothold of the attack kill-chain related to ransomware tactics, techniques and procedures (TTPs). Two of the most recent malware loaders to emerge are SquirrelWaffle and MirrorBlast. While SquirrelWaffle delivers Cobalt Strike payloads to victims, MirrorBlast uses novel techniques to gather intelligence and drop malicious payloads onto devices.

While organisations frequently focus their security strategy on external risks, the trend of company employees being targeted by threat actors to help provide access is on the rise. In this blog post, we explore the growing issue, outline some recent examples and provide some key steps to take in response.

But, as we explored in the first of this two-part series, there are limitations to using the out-of-the-box rules which form part of the technology. In this blog post, we explore how to customise rules, the rule development process and the role of Sigma.