Kroll has investigated many different tactics that threat actors use to steal consumer data on e-commerce sites. These types of attacks can be especially damaging for organizations that are responsible for storing customers’ personal and financial information that is collected during transactions.

Containers are transforming how enterprises deploy and use applications - their efficiency and cost-effectiveness making them a cornerstone of modern IT strategies. Compared to traditional virtualization, where the server runs a hypervisor, and then virtual machines with entire guest operating systems and software run on top of the hypervisor, containers allow more versatility since they simplify management and provide faster provisioning of applications and resources.

While no-one can predict if and when a cyber attack will take place, a red team exercise is as close as an organization can get to understanding its full level of preparedness. Red team exercises conducted by certified ethical hackers are key to uncovering hidden vulnerabilities and addressing them before they impact a company’s cyber resilience.

In today's rapidly evolving digital landscape, software supply chain security has emerged as a critical concern for organizations worldwide. Among the countless security threats, ‘secret leaks’ stand out as a predominant issue, posing significant risks to the integrity and confidentiality of software systems. This blog post delves into the intricacies of secret leaks, exploring why they are a pervasive problem and what steps can be taken to mitigate this threat.

With tens of thousands of potential threats lurking in remote corners of the deep and dark web, organizations are increasingly at risk of being targeted by cyber attackers or having their sensitive information traded or leaked online. Deep and dark web monitoring enables businesses to safeguard their digital assets and accelerate visibility of online threats, protecting their brand and reputation.

As cyber threats continue to grow more sophisticated, the demand for dynamic, scalable security solutions has led to the increasing adoption of Security Operations Center as a Service (SOC as a Service, or SOCaaS). The SOC as a Service model offers a significantly more cost-effective alternative for organizations without the resources to establish full-scale, in-house security operations centers (SOCs).

The education sector proved to be a key target for threat actors in Q2 2024, particularly for ransomware groups. FOG ransomware was a significant threat to the sector this quarter, with clear seasonal cycles in incidents impacting educational institutions, possibly due to perceived reduction in IT staffing around the summer months or the belief that schools may be more likely to pay a ransom during peak periods.

In Q2 2024, the Kroll Cyber Threat Intelligence (CTI) Team observed an increase in activity around a new ransomware group named FOG. FOG was initially observed in May 2024, and since then has been heavily targeting higher educational institutions in the U.S. by exploiting compromised VPN credentials. Kroll's review of a recent FOG binary (1.exe) found no exfiltration or persistence mechanisms directly integrated.

In a security bulletin on February 19, ConnectWise announced critical vulnerabilities (CVE-2024-1708 & CVE-2024-1709) to its on-premises ScreenConnect product (identified and responsibly reported by one of Kroll’s SOC analysts), allowing attackers to takeover an organization’s ScreenConnect. The vulnerability, trivial to exploit, allows anonymous individuals to a create system admin account on publicly exposed instances of the product.

The concept of Software Bill of Materials (SBOM) has gained serious traction in recent years, emerging as a critical element of software security frameworks. SBOM refers to a comprehensive inventory of all the components and dependencies, or the software supply chain, that make up a software application. The influence of SBOM on modern software and application security programs is so compelling that government organizations like the U.S.