Every organization faces data security threats, which become more complex when integrating technologies like cloud computing or hybrid working options. That’s why it is critical to implement robust data protection to safeguard critical assets such as intellectual property, personally identifiable information, and sensitive financial data. This challenge is further augmented by the growing number of regulations imposed by governmental and industry bodies.

In Q2 2024, the Kroll Cyber Threat Intelligence (CTI) Team observed an increase in activity around a new ransomware group named FOG. FOG was initially observed in May 2024, and since then has been heavily targeting higher educational institutions in the U.S. by exploiting compromised VPN credentials. Kroll's review of a recent FOG binary (1.exe) found no exfiltration or persistence mechanisms directly integrated.

Amid the disruption of the Hive ransomware group by law enforcement agencies, Hunters International emerged onto the cyber scene in Q3 of 2023, displaying notable technical similarities with Hive, hinting at an evolutionary progression or branch-off from the dismantled group. This transition underscores the adaptive nature of cybercriminal networks, persisting in their illicit activities despite law enforcement actions.

Welcome to the Threat Context monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber Threat Intelligence team. Here’s what you need to know from August.

“Never trust; always verify.” That’s the philosophy that drives the Zero Trust model, and it represents a major shift from the previous motto: “Trust but verify.” As threat actors have become more sophisticated, organizations have shifted their security frameworks away from a network-centric model and toward an identity-first model. Zero Trust assumes that every attempt to access an organization’s digital assets is from a threat actor until it can be proven otherwise.

ThreatQ TDR Orchestrator serves as a bridge between human expertise and machine precision, optimizing workflows in security operations. By leveraging this dynamic solution, organizations can ensure that the tacit knowledge of security analysts is efficiently captured and combined with automated processes. This integration facilitates a more agile response to threats, as the human element of decision-making is supported by the speed and consistency of automation.

The EU tightens cybersecurity requirements for critical infrastructure and services with the new NIS2 Directive – what does this mean for small businesses?

Enterprise browsers are built on a sensible idea, but how they work in practice can be another story.

Look closer before clicking that link at the top of your search results.

Recently, a widespread cloud extortion operation—affecting 110,000 domains and involving significant financial demands—was uncovered. Unit 42, the cybersecurity research division of Palo Alto Networks, released a report this month detailing how threat actors exploited misconfigured.env files to gain unauthorized access, steal sensitive data, and demand ransoms after deleting cloud assets.