The threat landscape refers to the evolving environment of cyber threats, attack methods, and attack vectors targeting organizations, governments, and individuals. Shaped by threat actors like hackers, nation-states, and criminal groups, it has grown increasingly complex with the rise of cloud computing, IoT devices, and interconnected supply chains. These changes have expanded attack surfaces, offering adversaries more opportunities to exploit vulnerabilities.

The business world has an identity security problem. Identity telemetry dominated Arctic Wolf’s list of the top 10 security investigation types over the past 12 months, and 70% of organizations were targeted by business email compromise (BEC), an attack that often relies on identity compromise for success, in 2024.

The Digital Operational Resilience Act (DORA) comes into full effect on January 17, 2025. This deadline marks a monumental shift in how financial institutions and their technology providers prioritize and maintain operational resilience and cybersecurity standards – and sets in stone real business and regulatory consequences to ensure resilience is achieved. And like any sweeping security regulation, organizations must embark on an uphill journey to earn full compliance.

Identity thieves will do anything to get your Social Security Number (SSN). It's a very important piece of personal information. Locking your SSN is a proactive way to protect your name and money from fraud. The Federal Trade Commission (FTC) says that over 1.4 million Americans were victims of identity theft in 2022. Many of these crimes involved stolen Social Security numbers. To lower these risks, you need to learn how to safely lock your Social Security Number.

Cyber risk quantification (CRQ) is the process of attributing numerical values to a cyber event's impact on an organization. When defined in financial terms, these values enable enterprises to assess and manage their cyber risks at the operational level.

In September 2024, LevelBlue conducted a comprehensive threat hunt targeting artifacts indicative of Phishing-as-a-Service (PhaaS) activity across our monitored customer fleet. During the investigation, the LevelBlue Managed Detection and Response (MDR) Blue Team discovered a new PhaaS kit, now identified as RaccoonO365. The hunt confirmed true-positive compromises of Office 365 accounts, prompting swift customer notifications and guidance on remediation actions.

Ransomware groups claimed responsibility for 5,461 attacks in 2024, with 1,204 of these attacks being publicly confirmed by victim organizations, according to Comparitech’s latest Ransomware Roundup report. The average ransom demand was more than $3.5 million, and the average ransom paid was $9.5 million. Many of these attacks involved data theft extortion, leading to the breach of nearly 200 million records.

The full compliance process for CMMC, the Cybersecurity Maturity Model Certification, culminates in an audit that validates an organization’s cybersecurity posture and its implementation of the security controls that apply to it. Throughout this process, there is a gatekeeper who performs your audit. You may have heard of them referred to as a CMMC Auditor or a CMMC Assessor. With these two terms in play, you may be wondering what the difference is between them.

Cyber incidents can result in catastrophic consequences. Cyber risks faced by public sector organisations need a plan. NCSC developed the cyber assessment framework (CAF) to help organisations achieve and demonstrate cyber resilience, specifically in, specifically by identifying the important functions at risk of disruption due to cyber incidents.

Akira ransomware is a destructive malware that has ravaged industries since its discovery in March 2023. The operations have mostly targeted businesses in North America, the UK, and Australia. Akira ransomware’s darkweb site Akira employs a double-extortion tactic; it does not only encrypt the victim's data but also exfiltrates the data, and subsequently threatens to leak it on the internet unless the ransom demand is met.