As organizations implement additional security controls and detections, threat actors adjust to bypass them. Since our initial investigation into a Lorenz ransomware intrusion that exploited a Mitel MiVoice VoIP appliance, we have observed a shift in the group’s Tactics, Techniques, and Procedures (TTPs).

The purpose of this guide is to provide you with a thorough understanding of GLBA as well as tips for ensuring compliance with your organization.

As we move towards more automation, we should remember the risk of over-automating, or at least make a conscious decision to accept the risks. This is especially important in automating response actions, which left unchecked could wreak havoc with day-to-day business operations.

Email is the top initial attack vector, with phishing campaigns responsible for many damaging cyber attacks, including ransomware. Being able to search Mimecast email security logs in CrowdStrike Falcon® LogScale (formerly known as Humio), alongside other log sources such as endpoint, network and authentication data helps cybersecurity teams detect and respond to cyber attacks.

CrowdStrike recently analyzed a macOS-targeted mineware campaign that utilized malicious application bundles to deliver open source XMRig cryptomining software and Invisible Internet Protocol (I2P) network tooling.

Organizations know that they need to become more cyber resilient, and are asking MSSPs and enterprise security teams to help. But in a time of economic uncertainty and shrinking budgets, the goal of cyber resilience is often at odds with what management is prepared to invest. The good news is that LimaCharlie can be used to help security professionals improve cyber resilience—with a level of control and at a cost efficiency unparalleled industrywide.

FERPA (the Family Educational Rights and Privacy Act) is a United States federal law protecting the privacy of student education records, more specifically governing access from public entities, such as employers, public schools, and foreign governments.

Third-party risk management is a well-known industry term that emphasizes the importance of looking outside yourself to identify potential risks to your organization. In the current business landscape, where you are communicating and collaborating with dozens, if not hundreds, of other organizations, focusing on your own cyber risk and that of your third parties is not enough.