In 2021, Amazon suffered a financial setback of around $34 million due to a one-hour system outage that led to a considerable loss in sales. Meta suffered a loss of nearly $100M because of Facebook’s 2021 outage. The consequences of downtime can be severe, and businesses of all sizes and governments can be affected. A DDoS attack can bring a business to a complete standstill for hours, leading to a substantial loss in revenue.

A critical exploit just hit the scene, targeting cdn.polyfill.io, a popular domain for polyfills. Over 110,000 websites have been compromised by this attack, embedding malware into JavaScript assets. But don’t worry, we’ve got your back.

On June 25, 2024, Progress Software, the parent company of the MOVEit software suite, officially released details for two critical vulnerabilities identified in MOVEit Gateway and MOVEit Transfer, CVE-2024-5805 and CVE-2024-5806 respectively. MOVEit Transfer is a managed file transfer solution that supports the exchange of files and data between servers, systems and applications within and between organizations.

In 2023, identity theft and fraud reached significant levels, with various reports highlighting the extensive impact on consumers and businesses. The Federal Trade Commission (FTC) reported that consumers lost more than $10 billion to fraud, marking a 14% increase from the previous year. Identity theft remained a pervasive issue, with nearly 560,000 cases reported in the first half of 2023 alone.

Container security is crucial in the age of microservices and DevOps. Learn about common container vulnerabilities, container security scanning, and popular tools to secure your containers in this comprehensive guide.

Here’s what you need to know about the progression of the Polyfill supply chain attack and how to respond.

Increasing your online customer base might seem beneficial, but is it always advantageous for your business? Our guide aims to help you identify and understand customers who might pose long-term challenges, commonly referred to as high-risk customers. Financial institutions, such as banks, must adhere to regulations that require thorough customer screening to prevent fraud and money laundering.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! WordPress is often an easy target from lack coding, but in this case a curious injection at source. But how?

From chatbots like ChatGPT to the large language models (LLMs) that power them, managing and mitigating potential AI vulnerabilities is an increasingly important aspect of effective cybersecurity. Kroll’s new AI insights hub explores some of the key AI security challenges informed by our expertise in helping businesses of all sizes, in a wide range of sectors. Some of the topics covered on the Kroll AI insights hub are outlined below.

We are over the moon to share that BlueVoyant has been awarded the Microsoft Worldwide Security Partner of the Year, demonstrating our leading-edge cyber defense capabilities and our strong partnership with Microsoft. We have also been recognized as the Microsoft United States Security Partner of the Year for the third time, and the Microsoft Canada Security Partner of the Year for the first time.