Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Risky Business: Working with Third Parties Across the Globe

To show regional differences, BlueVoyant’s latest research report includes C-level executive responses from organizations in the U.S. and Canada, U.K., Continental Europe, and APAC. Singapore had among the lowest reported negative impacts from third-party cyber breaches, while the U.K. had the most. Regional differences play a notable role in shaping how organizations approach and handle third-party cyber risk management (TPRM).

Breakdown of Takedown: An Overview of Tackling Phishing Threats

Every year, more and more companies are confronted with website and email spoofing worldwide. Cyber criminals use fake websites and fake email accounts for phishing, spear phishing and social engineering attacks to commit fraud, redirect web traffic, or manipulate search engine rankings. The disarming, or takedown, of these fake domains is a real challenge for more and more security teams. This is because cyber criminals are becoming increasingly professional in their spoofing activities.
Featured Post

The Role of Cyber Security in Building Supply Chain Resilience and Efficiency

The COVID-19 pandemic exposed significant vulnerabilities in global supply chains. With technology companies scrambling to respond to unprecedented disruptions, it became clear that traditional supply chain models were no longer sufficient. When we look back on the supply chain crisis before and during the pandemic, it is easy to identify the areas of improvement because we now have so much more information and the benefit of hindsight, but during the crisis, it was extremely challenging to find immediate ad-hoc solutions, which clearly illuminated a lack of contingency planning.

Better Together: The Benefits of Combining MXDR and TPRM

Security operations teams face escalating demands to promptly detect and respond to third-party cyber threats, largely due to the increasing number of data breaches occurring within an organization’s supply chain. An effective program to manage this type of cyber risk is essential for safeguarding sensitive data and maintaining business continuity.

From Zelle to Your Wallet: The Mechanics of Third-Party Phishing

Over the past year, BlueVoyant’s cyber threat analysts have identified a significant rise in third-party phishing tactics, most notably with a campaign impersonating the Zelle digital payment service. By mimicking a well-known payment site like Zelle, threat actors can evade detection more effectively while collecting credentials and personally identifiable information (PII) from online users of hundreds of financial institutions.

Forrester Study: BlueVoyant MDR Delivered a 210% Return on Investment for Clients Through Effective Threat Detection and Response, Optimized SecOps Spending, and Reduced Breach Incidence

Organizations’ security operations (SecOps) programs are under increased pressure due to more sophisticated threats, a continually expanding attack surface, and strained internal resources. To help solve these challenges, BlueVoyant MDR delivers 24x7 threat monitoring, detection, hunting, and response powered by advanced automation and human expertise.
Featured Post

How Organisations Can Master Incident Reporting Obligations Under NIS2

The new NIS2 directive is designed to strengthen the cyber resilience of over 160,000 companies that operate in the EU - either directly or indirectly. Coming into force by 17th October, NIS2 regulations will outline how these essential entities can combat increasingly sophisticated and frequent cyber attacks.

BlueVoyant Identifies Credential Harvesting Campaign Targeting the Manufacturing Sector

BlueVoyant’s Threat Fusion Cell (TFC) uncovered a focused campaign targeting the advanced manufacturing sector. This campaign aims to steal Microsoft credentials, by spoofing Microsoft’s login page, to phish for potentially compromising sensitive information.

Building Graph API Custom Plugins for Copilot for Security

As we explored the capabilities of Copilot for Security, we discovered that while the native plugins offer access to a vast array of data, they didn't cover everything we needed for some of our specific use cases and promptbooks. For instance, we wanted detailed insights into Conditional Access policies from Entra ID, Intune policies, Secure Score, and more. Although Microsoft continues to enhance the native plugins by adding new skills, we opted to develop our own custom plugins.

Sky-High Stakes: Combating Cyber Fraud in the Aviation Industry

Fraudulent cyber attacks targeting the airline industry are a common issue largely seen coming out of the underground, such as the deep and dark web. According to RSA Security, airlines are the industry most affected by online fraud, accounting for 46% of fraudulent transactions. As a result, the financial costs for airlines are huge with losses due to fraud estimated at 1.2% of the total global airline revenue.