Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

December 2022

Cyber Threat Intelligence Series: A Lens on the Healthcare Sector

A review of recent Kroll incident response cases consistently proves that the healthcare industry is one of the most frequently targeted sectors. This observation mirrors what is experienced by national cybersecurity agencies as multiple warnings have been launched during 2022, highlighting how ransomware gangs and nation state actors are now aggressively targeting healthcare institutions.

Threat Actors use Google Ads to Deploy VIDAR Stealer

Kroll has observed threat actors abusing Google Ads to deploy malware masquerading as legitimate downloads or software that has been “cracked” or modified to remove or disable features such as copy protection or adware. As part of our analysis of this trend and threat, we have identified specifically that VIDAR malware, an information-stealing trojan, is using Google Ads to advertise spoofed domains and redirect users to fraudulent sites or malware downloads.

Continued Exploitation and Evolution of ProxyShell Vulnerabilities - The Monitor, Issue 22

In August 2021, threat actors started to exploit ProxyShell vulnerabilities in certain Microsoft Exchange Server versions. Today, not only is Kroll seeing actors continue to leverage ProxyShell in larger network intrusions but also now organizations must also be on guard for the so-called ProxyNotShell vulnerabilities, which surfaced in September 2022.

How to Prepare for Critical Infrastructure Security Threats

As part of our 2-Minute Security Talks series, Bob Thompson, Associate Managing Director in Kroll’s Security Risk Management practice for EMEA and APAC, addresses the threats to critical national infrastructure that are emerging from global geopolitical instability. Bob also discusses how Kroll can support organizations with threat monitoring, security reviews, risk assessments, cyber resilience assessments and crisis preparedness, and reviews the seven key points of Kroll’s risk assessment process that can help companies mitigate threats.