Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Federal Trade Commission (FTC) has issued an urgent warning about a surge in immigration scams targeting immigrants and their families on social media platforms like Facebook. Scammers are impersonating attorneys and law firms, promising immigration services such as work permits, green cards, or even citizenship.

Businesses face many dangers like never before in this age of technology. In 2024 alone, ransomware's financial impact is higher than ever, with data backup and recovery costs averaging $2.74 million—nearly $1 million more than in 2023. Ransomware also impacts company costs due to downtime, with businesses facing an average of 21 days of disruption when (and if) a ransomware attack is identified.

The U.S. Department of the Treasury suffered a major security incident when a Chinese threat actor compromised its third-party cybersecurity service BeyondTrust. The attackers obtained an API key that allowed them to bypass security measures and access unclassified documents.

Active Directory (AD) remains a cornerstone of IT infrastructure, serving as the foundation for user authentication, resource access, and organizational security. Whether operating a traditional, hybrid AD environment, or fully cloud-based setup, protecting Microsoft Active Directory is critical. Its central role is to make it a high-value target for attackers, necessitating robust strategies for cyber resilience and Active Directory resilience to ensure business continuity and threat mitigation.

XDR has emerged as a go-to solution for all cybersecurity problems due to its comprehensive nature. It is a smart way to fight advanced threats by integrating and correlating data across multiple security layers from endpoints, networks, emails, servers, and cloud workloads. Fidelis Elevate is a leading example of XDR in action, providing comprehensive protection by seamlessly integrating and analyzing data from diverse security layers.

Each year, we revisit our risk rating system to ensure it best reflects the needs of security practitioners safeguarding their organizations and supply chains. For our recentupdate, we’ve made two closely related changes: we’ve recategorized some of our existing findings to make an organization’s risk profile more understandable and recalibrated our scoring algorithm to more clearly illustrate the impact of specific risks.