Today's Managed Security Service Providers (MSSPs) are trying to grow their business quickly, improving margins and onboarding customers with high-quality tool sets that scale with the company. This means reducing cost, improving onboarding time, and building the next generation of Managed Detection and Response (MDR) to deal with threats that are increasing in volume and sophistication.

If you look around, even a small successful DDoS attack brought down websites. It leads to data breaches and results in a huge loss. DDoS attacks on AWS (in 2020), Bandwidth.com (in 2021), and GitHub (in 2018) carry a lesson for us. DDoS attacks are among the most rapidly advancing type of cybercrime. It becomes more mature, sophisticated, and complex. In 2023, Cisco predicted the total number of DDoS attacks would be over 15 million.

Purchasing holiday gifts is now more simple and more convenient than ever thanks to online shopping. Unfortunately, cybercriminals are preparing for the holidays just like us, but they’re doing so with bad intentions. Cybercriminals have developed easier and more advanced methods to steal customers’ money and personal information.

The digital world has undergone a paradigm shift as a result of the worldwide pandemic, which has changed the way broadcasters deliver content to their users. The digital media business, OTT streaming and OTT communications have surely transformed everyone’s leisure time with the enormous rise in viewership and online users in recent years.

Passage, a leader in modern authentication technology, is joining the 1Password team to help accelerate the adoption of passkeys for developers, businesses, and their customers.

In the previous blog post, we discussed the importance of having a successful Incident Response Plan. In this blog post, we will go over the steps necessary to contain a breach. Containment is key to preventing the breach from spreading and affecting other parts of your business. By following these six steps, you can minimize the damage caused by a data breach and improve your chances of recovering quickly.

A recent campaign, unearthed by researchers at INKY, is the latest example of exploitation of a legitimate cloud service. The campaign impersonates the U.S. Small Business Administration (SBA), targeting small businesses that are unaware of the fact that the SBA recently stopped accepting applications for COVID-19 relief loans or grants. The element that makes this campaign stand out from the others is the exploitation of a well-known and familiar cloud service to host the phishing page: Google Forms.

The problem of securing the modern workforce goes beyond occasional spats between IT and security. The real problems we see are user credentials under constant attack, alongside attempts to harvest and exploit enterprise data. Plus the cloud resources that workforces need are tough to secure, especially when deployed outside of IT-led processes. In light of these issues, corporations need a way to securely provide always-on cloud access for users while safeguarding enterprise data anywhere it goes.

Cloud misconfigurations can cause devastating financial and reputational damage to organizations. Yet, such undesirable circumstances can be avoided by understanding the common misconfiguration errors and mitigating them before malicious actors can exploit them. Ava Chawla, AlgoSec’s Global Head of Security provides some valuable insights on cloud misconfigurations and offers useful tips on how to avoid them.

At LimaCharlie, we believe that open-source tools have a crucial role to play in the security industry. This conviction stems, in part, from our company history: LimaCharlie started out as an open-source endpoint detection and response (EDR) project. But beyond that, we think that the future of cybersecurity will be marked by the values of open-source tech; by a trend towards greater openness and transparency.