Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Following the emergence of data-leak sites (DLSs) for extortion group Morpheus earlier this year, Cyjax has discovered a DLS for a new extortion outfit going by the name GD LockerSec. Read on to find out what we know so far.

Clients are the heart of any business, be it service based or product based. But clients play a more important role in service-based business due to the consistent to and fro contact. For Managed Service Providers, building a lasting relationship with clients will take efforts but it is the foundation of a successful MSP business. Here’s how you can strengthen your client relationships.

Is it getting harder and harder to keep track of all your cloud assets? You're not alone. In today's dynamic world of hybrid and multi-cloud environments, maintaining clear visibility of your IT infrastructure has never been more complex. 82% of organizations report that lack of visibility is a major factor in cloud security breaches. Traditional tools often fall short, leaving potential security vulnerabilities exposed and your business at risk. But there's good news!

Can you imagine a modern working world without Software-as-a-Service (SaaS) applications? Productivity, communication, and project management solutions have transformed the modern workplace, enabling hybrid and remote working, helping to cut costs, and offering unprecedented opportunities for collaboration and innovation. Without them, the business world would grind to a halt.

The Transportation Security Administration (TSA) has proposed new rules requiring those under its jurisdiction to follow specific cyber risk management (CRM) requirements, report cybersecurity incidents in a certain timeframe, and address physical security concerns. This is positive news for the transportation industry, as hundreds of attacks have been leveled against the sector. These attacks have the potential to impact the supply chain, create chaos, and endanger human lives.

SOC teams often wrestle with clunky, siloed reporting tools that lack real-time, connected capabilities. Analysts end up buried under a mountain of fragmented xdata, forcing teams to spend valuable hours tracking down answers to their most pressing questions, rather than tackling threats head-on. At Torq, we feel SOC reporting should be your power move, not a painful process.

As organizations evolve to embrace cloud-native architectures and distributed teams, the limitations of legacy access solutions like virtual private networks (VPNs) and bastion hosts have become apparent. Once reliable for securing static, on-premises environments, these tools do not scale well for securing modern infrastructure, are expensive to maintain, increase security vulnerabilities, and can hinder regulatory compliance.

As security and risk leaders look to the year ahead, they face a rapidly evolving and dynamic set of challenges. The implementation of more stringent cybersecurity standards—such as the U.S. Security and Exchange Commission’s (SEC) rules and the EU’s Network and Information Security Directive 2 (NIS2)—has placed boardroom scrutiny at an unprecedented level.

Active Directory (AD) is prolific, with an estimated deployment at 90% of organizations worldwide. Meanwhile, Entra ID deployment is increasing, as is the prevalence of Hybrid environments which deploy both. The widespread use of AD makes the repository a target for cybercriminals. Although rarely discussed, identity, access privileges, and cybercrime are intrinsically linked, with 90% of organizations being victims of at least one identity-related incident in 2023.