Since stepping into the cybercriminal arena in September 2020, the Egregor group has penetrated over 71 businesses globally, including recruitment giant Randstad and US retailer Kmart. But who is the Egregor group and how have they managed to rise up as a significant cyber threat in just a few short months? Egregor is a cybercriminal group specializing in a unique branch of ransomware attacks.

Since ransomware was founded in 1996, many ransomware gangs have attempted and failed to quake the cybersecurity landscape. But some have broken through and even rearranged it with their obfuscatory cyberattack methods. Netwalker ransomware is an example of such a success. Within its first six months of operation, the ransomware gang received more than $25 million in ransom payments. What is Netwalker ransomware and why is it so lethal? To learn more, read on.

Every company outsources parts of its operations to multiple suppliers. Those suppliers, in turn, outsource their operations to other suppliers. This is fourth party risk. The risk to your company posed by suppliers' suppliers. Confusing, isn't it? The best way to frame it with a case study, so please read on! You help look after Information Security at a manufacturing company. Your company has got a policy for everything, including the policy to regularly maintain all the policies.

If you boil it down to the most basic difference between GitHub and Bitbucket, it is that GitHub is focused around public code and Bitbucket is for private. GitHub has a huge open-source community and Bitbucket tends to have mostly enterprise and business users. Bitbucket vs Github: Two of the largest source code management services for development projects, offering a variety of deployment models from fully cloud-based to on-premise. Historically, they have taken different approaches to private vs.

It seems like every day there’s a new incident of customer data exposure. Credit card and bank account numbers; medical records; personally identifiable information (PII) such as address, phone number, or SSN— just about every aspect of social interaction has an informational counterpart, and the social access this information provides to third parties gives many people the feeling that their privacy has been severely violated when it’s exposed.

How does the fourth-largest network security company by revenue hold up against the first cybersecurity firm certified by the U.S. Department of Homeland Security? Fortinet's appliances and next generation firewalls (NGFW) have made it a category leader in unified threat management (UTM); let's see how they stack up against FireEye's comprehensive suite of enterprise security solutions.

In the pantheon of open source heavyweights, few technologies are as ubiquitous as the MySQL RDBMS. Integral to popular software packages like WordPress and server stacks like LAMP, MySQL serves as the foundational data platform for a vast majority of websites and cloud services on the internet today. Unfortunately, its popularity translates to more commonly known attack vectors and security exploits —the following are 11 ways to shore up MySQL security and protect your data more effectively.

Microsoft Internet Information Server (IIS) is widely used in the enterprise, despite a less-than-stellar reputation for security. In fact, for many “IIS security” is a contradiction of terms—though in all fairness, Microsoft's web server solution has improved significantly over the years. IIS 8.5 for server 2012 R2 and IIS 10 for 2016 have been hardened and no longer present the dangerous default configurations of older IIS iterations, but can still be further tightened.

Business partnerships require trust, but knowing whether your vendors merit that trust is difficult. With the rise of information technology, the ways in which trust can be broken, intentionally or unintentionally, have multiplied and become more complex. Vendor security assessment questionnaires are one method to verify that service providers follow appropriate information security practices so your business can weigh the risk of entrusting them with your data.

Vendor risk scoring is a practice that has emerged to address the complexity of vendor management by assigning vendors a single score– typically a number or letter grade– to facilitate comparison between vendors and portfolios. The past decades of digital transformation have provided both the need for innovative IT security hygiene assessment techniques and the technological capabilities to gather and analyze the data necessary to give those risk scores predictive power.