Organizations are falling victim to ransomware attacks where data is stolen, but the victim isn’t being told about it. I have a theory as to why this is happening. Many assume data is being exfiltrated as part of a ransomware attack and it’s going to be used as part of the extortion component of the attack. But according to Arctic Wolf’s The State of Cybersecurity: 2024 Trends Report, that doesn’t seem to be the case.

On July 24, 2024, Progress published a knowledge base article disclosing a critical vulnerability (CVE-2024-6327) impacting Telerik Report Server, a product by Progress designed for streamlined report management within organizations. This vulnerability can lead to remote code execution (RCE) due to the deserialization of untrusted data. Arctic Wolf has not identified a publicly accessible proof of concept (PoC) exploit or active exploitation of this vulnerability. However, most notably.

The Defense Industrial Base (DIB) consists of over 100,000 companies that provide materials or services to the United States Department of Defense (DoD). These companies provide products needed to defend the nation and are a critical part of the DoD supply chain. DIB companies range in size from large, well-known defense contractors, like Lockheed Martin, Boeing and Northrop Grumman, to small and medium-sized enterprises that provide specialized products and services, such as drones and military vehicles.

In a significant development in cybersecurity, the threat actor known as Stargazer Goblin has established a complex network of fake GitHub accounts to facilitate a Distribution-as-a-Service (DaaS) operation. This network, comprising over 3,000 inauthentic accounts, has been actively spreading various information-stealing malware and generating $100,000 in illicit profits over the past year.

Access to data comes with significant responsibility, and misuse of this access can negatively affect organizations. When employees misuse data for personal gain or other unauthorized purposes, it can jeopardize data security and lead to costly breaches. Indeed, 68% of data breaches involve a human element, according to the 2024 Data Breach Investigations Report by Verizon.

Businesses have gone mobile-first, and with good reason—people are spending more time and more money on their phones than ever before. For instance, in 2023, an estimated 66% or 2/3rds of all online orders were made from mobile devices. And in 2024, businesses are expected to spend $402 billion on mobile advertising. Mobile apps have become the first choice for users for their online activities in banking, e-commerce, media streaming, social media, etc.

A compliance audit shows your customers exactly what measures you have in place to keep their data and assets safe. Given that trust is such a crucial aspect of customer relationships, the quality and efficiency of your compliance audit is more important than ever. ‍ A-LIGN, one of Vanta’s technology-enabled security and compliance partners, recently released its 2024 Compliance Benchmark Report, based on an annual survey of nearly 700 business leaders and compliance professionals.

The Internet of Things (IoT) has slowly but surely weaved its way into our homes and places of work. From smart homes to industrial control systems, IoT has brought convenience and efficiency to our lives. However, with this increased connectivity we have increased our risk. The IoT Attack Surface IoT devices are often designed with functionality in mind, rather than security. This means that many devices have weak or default passwords, unpatched vulnerabilities, and insecure communication protocols.

You can find out if your information is on the dark web by using a dark web scan tool, signing up for a dark web monitoring service or checking for the latest data breaches. The dark web is a layer of the internet that allows people to remain anonymous, often used by cybercriminals to find and sell stolen personal information. A dark web scan informs you if your personal information has surfaced on the dark web, which could put your accounts at risk of being compromised.

When workers bring their own equipment on the job, it opens the door to all kinds of trouble – just ask the NFL.