The Akira ransomware group has been active since March 2023, targeting diverse industries across North America, the UK, and Australia. Operating as a Ransomware-as-a-Service (RaaS) model, Akira employs a double-extortion strategy by stealing sensitive data before encrypting it. According to their leak site, the group claims to have compromised over 350 organizations.

We are delighted to announce that UpGuard has once again been recognized as the Leader in Third-Party and Supplier Risk Management Software by G2. The publication of G2's Summer 2024 report marks eight consecutive quarters were UpGuard was named a Category Leader. Established in 2012, G2 is a trusted resource for software reviews and customer feedback. It guides over 90 million users, including employees from all Fortune 500 companies, in making informed software choices.

Making your organization’s attack surface lean and agile improves your cyber resilience and demotivates bad actors. The first step to avoid cyber attacks is to get your attack surface in order. The Sweepatic External Attack Surface Management (EASM) Platform is built to help you with building cyber resilience. It lists, structures and prioritizes observations by criticality. 67%

Data sharing for offshore testing, development, and other operational needs is often essential in the healthcare industry. Yet, laws governing Protected Health Information (PHI) make this challenging, as sending sensitive data outside the U.S. can introduce significant regulatory risks. To stay compliant, healthcare companies need solutions that can anonymize data without compromising its usability or accuracy.

When a critical vulnerability in the printing system CUPS started raising alarms among security teams, Detectify had already entered war-room mode to address the situation. Within the day, customers could test whether they were vulnerable thanks to the rollout of a new scanning engine framework that reinvents how Detectify operates under the hood, allowing for a faster and more efficient response to security threats.

Tanium bridges the gap between posture and runtime protection for containerized environments.

Threat intelligence is the process of gathering, analysing, and applying information about current and potential cyber threats to help organisations protect themselves proactively. It involves monitoring threat actors, attack patterns, vulnerabilities, and global cyber activity to provide actionable insights. Unlike traditional reactive approaches to cyber security, threat intelligence enables businesses to anticipate threats and tailor their defences accordingly.

The European Union has taken a significant step by introducing a directive to update the EU’s civil liability law that extends the definition of "defective products" to include software. These pivotal liability rules hold manufacturers accountable for harm caused by software vulnerabilities, urging them to prioritize cybersecurity and compliance. Here’s how manufactures should think about navigating these new compliance challenges.

External Attack Surface Management, or EASM, has become a necessary component of a proactive cybersecurity strategy. According to research from Enterprise Strategy Group, over 65% of breaches stem from a compromised, externally exposed asset, so knowing your attack surface is key to avoiding breaches. Gartner, for this reason, is recommending EASM as a key pillar in the new approach to proactive security they call Exposure Management.

APIs are the backbone of interconnected applications, enabling organizations to innovate, integrate, and scale rapidly. However, as enterprises continue to expand their digital ecosystems, they often encounter a common and complex challenge: API sprawl. Unchecked, API sprawl can lead to increased security risks, inefficient resource utilization, and the frustrating experience of redundant or hard-to-locate services across teams. Postman details the explosive growth in APIs in their State of API report.