Almost 90% of businesses employ Active Directory (AD) in their IT environments to manage user accounts and control access—yet every day, 95 million AD accounts are targeted by cyberattackers. It’s not surprising that AD is a popular target. Attackers can actively exploit user accounts and use them as an entry point to launch lucrative attacks. Find out how you can employ best practices to keep your AD safe from adversaries.

At UpGuard, we know that in cybersecurity, timing is everything. That’s why we’ve enhanced our news and incident scanning with 500% more coverage, bringing you faster insights from high-impact sources. Now, SOC analysts and security teams can catch incidents affecting their organization or supply chain sooner, allowing for quicker, proactive responses to mitigate threats before they escalate.

Egress’ Threat Intelligence Team has identified that over 7% of global phishing attacks now use an emerging obfuscation technique that employs Accelerated Mobile Page (AMP) links to mask malicious URLs. Often embedded in phishing emails that impersonate well-known brands, threat actors aim to undermine the 'hover' technique taught in most security awareness training programs.

When deciding what approach to use for security tooling, it seems like there are two choices. Like everything in security, there is more to unpack in reality. In this article I want to explore when open-source security tools should be used, when commercial tools are more effective, and if we can trust tools built from an open-source core.

Implementing privileged access management (PAM) is crucial in safeguarding your organization’s critical systems and sensitive data against unauthorized access and compromise. Join us for an in-depth look at effective PAM strategies with our cybersecurity experts Jonathan Care and Aleksandr Dymov. This webinar will guide you through essential PAM practices for securing critical assets and minimizing security risks across your organization.

Threat actors are exploiting Microsoft Visio files and SharePoint to launch two-step phishing attacks, according to researchers at Perception Point. “Perception Point’s security researchers have observed a dramatic increase in two-step phishing attacks leveraging.vsdx files – a file extension rarely used in phishing campaigns until now,” the researchers explain.

New data shows just how crippling ransomware has been on small businesses that have fallen victim to an attack and needed to pay the ransom. Logic would normally dictate that ransomware gangs are going to go after the “big fishes” – the larger organizations with deep pockets. But with the advent of the “as a service” model of ransomware, threat actors have found a niche, with many of them focusing on businesses with 1 to 50 employees.

In today's digital age, safeguarding your organisation's data is paramount. Achieving Cyber Essentials Plus compliance can significantly enhance your security posture.

AWS Identity and Access Management (IAM) enables organizations to set up permissions policies for users and workloads that need access to cloud services and resources. But as your cloud environment scales, it can be challenging to create and audit IAM policies that work effectively without compromising security.