February 21, 2024 | By Ryan Felkel Amidst the growing shift towards cloud adoption and reliance, ensuring the resilience of your cloud infrastructure is paramount. With Amazon Web Services (AWS) serving as a cornerstone of many organizations’ cloud strategies, mastering disaster recovery within the AWS ecosystem is essential.

Kroll’s Q4 analysis shows ransomware groups increasingly gaining initial access through external remote services. The quarter presented a complex security landscape with a mix of both positive and negative trends: positively, activity associated with larger ransomware-as-a-service (RaaS) operations, like LOCKBIT and BLACKCAT, declined.

Private equity (PE) firms have a unique power in the global marketplace, independently fostering innovation, creating jobs, and propelling economic growth. These entities infuse capital into a spectrum of industries throughout the business life-cycle, intent on delivering superior returns to investors while effectively navigating the complexities of the broader threat landscape.

Welcome back to our ongoing series on the Payment Card Industry Data Security Standard (PCI DSS) requirements. Having covered the first six requirements in detail, we now turn our attention to Requirement 7. This requirement is a critical component of the PCI DSS that has undergone significant changes from version 3.2.1 to the latest version 4.0. Requirement 7 focuses on implementing strong access control measures.

In a world where data is the new currency, understanding and leveraging data monitoring has become indispensable. Data monitoring involves systematically collecting, analyzing, and managing data to uphold its quality, security, and compliance—a critical process in a world where data influences every decision and innovation.

This is the fourth and final post in a series on how to secure your hybrid workforce. For a complete overview of the topics discussed in this series, download The new perimeter: Access management in a hybrid world.

Last year, the Securities and Exchange Commission adopted rules on cybersecurity risk management that focused on transparency. Much of the adopted rules were focused on investors, but the rules also underscored the importance of the impact to customers when cybersecurity incidents occur. The data security landscape has recently shifted to prioritize the user or the customer, and that was just one of the steps in furthering the approach.

As we are well into 2024 now, we at Fortra want to continue our commitment to empowering you all with the knowledge and tools needed to protect you, your organization, and even your family. This year, we will be looking more and more at the human element, and provide you with methods to practice repeatable, real-world techniques to ingrain positive habits and security behaviors to keep you as safe as possible.

People, processes, and tooling all impact an organization’s ability to maintain a strong AppSec program. In a recent panel at Black Hat Europe, Snyk spoke with two customers — Jaguar Land Rover (JLR) and Asda — about the unique challenges they face managing development teams, onboarding new security tools, and building a modern DevSecOps program throughout their organizations.

Widespread exploitation of these vulnerabilities in the wild has been confirmed including comprise of UnitedHealth’s Change Healthcare on February 22nd, by Lockbit. Sophos has confirmed various strains of malware using these vulnerabilities as part of delivery including LockBit ransomware, AsyncRAT, infostealers, etc.