The reliance on third-party vendors for diverse services has become a norm in 2023. However, this dependence brings with it the need for a heightened focus on the cybersecurity posture of these external partners. It’s imperative for businesses to meticulously assess the cybersecurity risks and compliance levels of their vendors to safeguard against potential vulnerabilities that could impact their operations.

Imagine waking up one day and checking your bank records to find details of transactions you never made. This nightmarish situation can result from the Tiny Banker Trojan (Tinba) malware, which can steal banking credentials to funnel money to external accounts. There has been a rise in such malicious and fraudulent activities worldwide over the past few years. According to a recent report, in Q2 2023 alone, 59,167 malicious installation packages were identified as related to mobile banking trojans.

As the manufacturing sector continues its digital transformation, Operational Technology (OT), Industrial Control Systems (ICS), and Supervisory Control and Data Acquisition (SCADA) are becoming increasingly exposed to cyberattacks, particularly those involving ransomware.

The holiday season is just around the corner; a time of joy and celebration. However, threat actors anticipate this joyous season as much as it is by many festive revelers. In fact, cybercriminals tend to be particularly active during the holiday season, taking advantage of the distractions that come with it. The holiday season tends to witness an increase in successful attacks affecting both businesses and consumers.

2023 was a lucrative year for ransomware actors, with victim organizations paying $449.1 million in the first six months alone. Maintaining this cash stream requires frequent technique shifts, which may be why more attackers are exploiting legitimate software to propagate their malware. Abusing organizations’ existing enterprise tools can help attackers blend in while they’re doing reconnaissance, and also aids them with privilege escalation and persistence.

Excessive access rights increase the risk of cybersecurity incidents. Implementing the principle of least privilege (POPL) can help you significantly limit the attack surface and protect your organization from the financial and reputational losses that may follow a cybersecurity breach. This article aims to reveal the importance of POLP and equip you with the best practices for its effective implementation.

In this digital era, as data is produced and gathered more than ever before, the importance of data security has surged. Given the widespread use of social media, e-commerce, and other online services, individuals are sharing their personal details with numerous entities.

‍We are thrilled to welcome Bob Lyle to Riscosity as our Chief Revenue Officer. Bob is an accomplished executive with extensive GTM experience in scaling software and security companies. He will be responsible for the planning, development, and global execution of our revenue strategy as we continue to evolve our business.

On December 5th, the Cybersecurity and Infrastructure Security Agency (CISA) released an advisory that confirmed the exploitation of CVE-2023-26360 at a Federal Civilian Executive Branch (FCEB) agency by unknown threat actors. Exploiting this vulnerability allowed threat actors to gain access to the FCEB agency network on two separate occasions in June 2023.