A new campaign of StrelaStealer attacks identified by security analysts at Unit42 has been spotted targeting E.U. and U.S. organizations. This somewhat new infostealer has evolved to be even better at evading detection in a new string of campaigns aimed at stealing email credentials from well-known email clients.

The Australian Government has leveraged insight from cybersecurity experts to create a new six-part plan to combat cybersecurity over the coming decade. The cybercrime economy is booming and growing every year. What’s needed is a bold vision to not just respond to the current state of threats, but to jump years ahead of it. And that’s what we find in the Australian Government’s 2023-2030 Australian Cybe rsecurity Strategy.

The nature of cybersecurity risk has evolved dramatically over time, challenging traditional approaches to security. Historically, organizations have concentrated their efforts on fortifying assets they directly own, assuming that this strategy provides sufficient protection. Unfortunately, this narrow focus fails to acknowledge a fundamental truth: attackers operate without regard for ownership boundaries.

Microsoft’s Active Directory (AD) has been a mainstay of information systems for over 20 years, but it was intended for a different era of computing and business requirements. Its persistence affects IT’s agility, impacts security posture, and limits IT’s capacity to provide the best-of-breed tools that employees expect.

The deadline for achieving complaince with the Digital Operational Resilience Act (DORA) will be here before you know it, with enforcement beginning in January 2025. With Third-Party Risk Management being the central focus of the EU regulation, it’s imperative to cater your TPRM program to the DORA regulation to achieve sustainable compliance. In this post, we outline the DORA requirements related to third-party risk management and explain how to comply with them.