|
By Kroll
What recent AI security developments should change and what they should not—for security leaders and vulnerability management teams The question is no longer whether AI will affect vulnerability discovery. It is whether exposure management programs can keep up with a faster clock.
|
By Kroll
A combination of accelerating risk complexity and increasing attack times is creating a perfect storm for organizations. Responding effectively to this fast-evolving threat landscape demands more advanced capabilities.
|
By Kroll
The convergence of accelerated digitalization, complex global supply chains, and the rapid adoption of AI-driven automation, has elevated the importance of identity security. Combine this with the traditional and fragmented identity management approaches typical in manufacturing environments, and risk is multiplied. Failing to tackle identity, now becomes a direct threat to production continuity, regulatory compliance, and competitive advantage.
|
By Dave Burg
I recently wrote about how today’s cyber risk is defined less by breakthrough innovation and more by the industrialization of existing weaknesses. Given this, I wanted to dig a little deeper. Over a weekend I conducted some analysis on a longitudinal Aggregate Cyber Risk Index that scores six core threat vectors daily for 1,000 days on a 0–100 scale, drawing on six macro categories.
|
By Kroll
Artificial intelligence (AI) is transforming the business landscape at an accelerated pace. The announcement of Mythos from Anthropic, with its limited public release, is just one example of how LLMs are changing the speed at which unknown flaws in IT systems can be exposed.
|
By Kroll
Effective crypto asset management is now a critical priority. As adoption grows, so too does the scale and sophistication of threats that individuals and organizations now face. Digital asset security requires a layered approach, including cold storage, robust key protection, regular security testing and proactive regulatory compliance. This article examines the most prevalent threats to digital assets, outlines practical measures to mitigate risk and explores the evolution of global regulation.
|
By Kroll
This article was authored by Dave Burg Cybersecurity has long been framed as an arms race driven by increasingly sophisticated attacks. But that framing is increasingly outdated. The reality emerging from the front line is more uncomfortable: Today’s cyber risk is defined less by breakthrough innovation and more by the industrialization of existing weaknesses.
|
By Kroll
Enabling seamless user access without compromising security is a complex challenge. Gaurav Sheth, Cynthia Yang and Sorabh Chopra are helping to change that. As part of Kroll’s recently established team dedicated to Digital Identity, their focus is on transforming fragmented administration, manual processes and siloed identity solutions into mature programs.
|
By Kroll
This article provides an overview of Kroll’s investigation of the GARUDA C2 malware. Stay tuned for our upcoming white paper which will provide a deep dive into the malware’s architecture; command and control tradecraft; observed threat actor tactics, techniques and procedures; and actionable detection and mitigation guidance.
|
By Kroll
This week’s briefing covers: The attack chain invokes two preparatory batch scripts before the final wiper stage. Those scripts disable services, enumerate users, change passwords, log off sessions, disable network interfaces and begin destructive actions with diskpart, robocopy and fsutil before the final payload is launched. Dive deeper.
|
By Kroll
As per data published by the Office of the Australian Information Commissioner, the healthcare industry in Australia accounted for 22% of notifiable data breaches between January to June 2020, which was more than any other industry. Cybercriminals continue to target this industry due to the vast amounts of highly sensitive personal information (such as Medicare numbers, credit card information and medical insurance numbers) that is stored by healthcare providers.
- June 2026 (7)
- May 2026 (9)
- April 2026 (4)
- March 2026 (4)
- February 2026 (6)
- January 2026 (10)
- December 2025 (5)
- November 2025 (9)
- October 2025 (9)
- September 2025 (6)
- August 2025 (7)
- July 2025 (6)
- June 2025 (9)
- May 2025 (8)
- April 2025 (5)
- March 2025 (10)
- February 2025 (11)
- January 2025 (8)
- December 2024 (5)
- November 2024 (11)
- October 2024 (10)
- September 2024 (7)
- August 2024 (12)
- July 2024 (10)
- June 2024 (15)
- May 2024 (11)
- April 2024 (16)
- March 2024 (13)
- February 2024 (6)
- January 2024 (12)
- December 2023 (2)
- November 2023 (8)
- October 2023 (5)
- September 2023 (1)
- August 2023 (4)
- July 2023 (3)
- June 2023 (5)
- May 2023 (4)
- April 2023 (3)
- March 2023 (5)
- February 2023 (6)
- January 2023 (4)
- December 2022 (4)
- November 2022 (7)
- October 2022 (3)
- September 2022 (4)
- August 2022 (5)
- July 2022 (4)
- June 2022 (6)
- May 2022 (5)
- April 2022 (2)
- March 2022 (3)
- February 2022 (4)
- January 2022 (4)
- December 2021 (6)
- November 2021 (3)
- October 2021 (5)
- September 2021 (10)
- August 2021 (4)
- July 2021 (5)
- June 2021 (7)
- May 2021 (4)
- April 2021 (10)
- March 2021 (11)
- February 2021 (8)
- January 2021 (2)
Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency. We work with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber security, corporate finance, restructuring, legal and business solutions, data analytics and regulatory compliance. Our firm has nearly 5,000 professionals in 30 countries and territories around the world.
Kroll experts provide rapid response to more than 2,000 cyber incidents of all types annually. We help countless more clients with eDiscovery and litigation support (including expert witness services); managed detection and response services for both active threats and as an integral part of network security; notification solutions, including multilingual call center support; and proactive services, including general and threat-focused risk assessments, response planning, tabletop exercises and more.
Our experts are able to deliver best-in-class endpoint security through our managed detection and response solution, Kroll Responder. Responder handles every step, with 24x7 managed detection and response services fueled by threat hunting and superior incident response.