Recently, we had a customer reach out to ask if disabling clickable uniform resource locator (URL) links in emails was enough protection by itself to potentially not need employee security awareness training and simulated phishing. We can understand why this misperception might exist. Many anti-phishing educational lessons discuss the need for people to evaluate all URL links before clicking on them.

The ransomware threat group formerly known as "Royal" has rebranded itself as BlackSuit and updated their attack methods, warns the FBI. The latest advisory from the FBI on ransomware threat group BlackSuit, is actually an updated 18-month-old advisory originally released to warn organizations about the threat group Royal. It appears that the group has rebranded, according to the advisory, and has updated their methods of attack.

Imagine you have a backpack with a granola bar buried at the bottom and a tenacious tiny dog who loves snacks. Even though the dog shouldn’t be able to reach that granola bar stored away carefully, it managed to open a zipper and snoop through the contents to eat the snack. From an IT environment standpoint, Application Programming Interfaces (APIs) are the backpack carrying sensitive – but appealing to attackers – data.

According to Gartner, by 2028, 75% of enterprises will prioritize backup of SaaS applications as a critical requirement, compared with 15% in 2024. Many of the largest organizations in the world rely on Salesforce as their CRM app that powers their business operations, helping them drive revenue faster.

Offensive security and active defense may appear at first glance as contradictory cybersecurity solutions, but when paired, they create complementary and robust protective solutions. Let's take a quick look at what each solution offers before we go into the details. Offensive security involves attempting to identify flaws in an organization before a threat actor has a chance to exploit them.

Endpoints are a continuous target for threat actors. They serve as gateways to the overall network, meaning an attack that starts on a single endpoint can quickly spread across the attack surface. They offer a valuable entry point into an organization’s environment that can be used to launch sophisticated cyber attacks.

In a security bulletin on February 19, ConnectWise announced critical vulnerabilities (CVE-2024-1708 & CVE-2024-1709) to its on-premises ScreenConnect product (identified and responsibly reported by one of Kroll’s SOC analysts), allowing attackers to takeover an organization’s ScreenConnect. The vulnerability, trivial to exploit, allows anonymous individuals to a create system admin account on publicly exposed instances of the product.

When it comes to the duration of a ransomware attack and the subsequent recovery process, the numbers are staggering and vary wildly. Partly because there’s no single source which compiles all the information in a consistent manner. On average, a cyber attack can last anywhere from a few days to several weeks, with the recovery time often extending to months or even years.

Elizabeth Harz, CEO of Veriato, sits down with Chris Hughes from Acceleration Economy for an exclusive interview to discuss the evolving landscape of insider risk management.

The main differences between Remote Browser Isolation (RBI) and Virtual Private Networks (VPNs) are the type of user activity they secure and the way in which they secure it. While RBI protects users against web based threats by providing privacy and security through isolating browsing activity from the user’s device and network, VPNs encrypt data and mask the user’s IP address for all internet traffic. This article will examine these differences in more detail.