Kroll

New York, NY, USA
1932
  |  By Kroll
Explore Our Latest Insights on Artificial Intelligence (AI). Learn More.
  |  By Kroll
In today's digital landscape, organizations are increasingly reliant on internet-facing applications to conduct business and engage with customers. However, many organizations are unaware of the full extent of their internet exposure. Can you secure your organization if you do not know which internet-facing applications you own? Not effectively.
  |  By Kroll
Given the many laws, frameworks and industry best practices surrounding artificial intelligence (AI), it’s not surprising that lawyers, compliance professionals and others charged with AI governance and compliance are seeking a starting point for AI guidelines. A solid foundation is vital to building a program that satisfies the growing matrix of requirements while allowing companies to simplify and execute their programs amid growing complexity and change. The U.S.
  |  By Kroll
Microsoft 365 (M365) has become the industry standard for business email platforms, allowing users access to a variety of interconnected productivity and communication applications. With data readily available across multiple applications within M365, threat actors are using a specific technique to exfiltrate data within a user’s M365 email account.
  |  By Kroll
Microsoft 365 is the standard in modern enterprise environments, offering a robust suite of productivity and collaboration tools. With millions of users accessing sensitive data from various devices and locations, security vulnerabilities can arise, making it highly attractive for cybercriminals seeking to exploit and steal valuable data.
  |  By Kroll
IDATLOADER (aka HIJACKLOADER, GHOSTPULSE) has become prevalent in 2024, using advanced and new techniques such as BPL Sideloading, which Kroll reported on in June. Kroll observes IDATLOADER distributing malware such as ASYNCRAT, PURESTEALER, REMCOS, STEALC and what some might describe as a recent epidemic in LUMMASTEALER infections.
  |  By Kroll
Alongside an explosion in the popularity of large language models (LLMs) across many industries, there has also been an increase in the level of trust granted to these models. Whereas LLMs were once perceived as simple, friendly chatbots that could respond to basic questions or pull useful resources from the web based on user input, many have now been granted the ability to perform actions, anywhere from sending an email to deploying code. This is referred to as agency.
  |  By Kroll
The Kroll Security Operations Center (SOC) has recently detected and remediated a trend of incidents that involved socially engineering a victim into pasting a PowerShell script into the “Run” command window to begin a compromise. These incidents have typically begun with the victim user attempting to find “YouTube to mp3” converters, or similar, then being redirected to the malicious webpages.
  |  By Kroll
The legal and regulatory landscape is constantly evolving, continually intensifying the demands placed on organizations. As well as meeting the requirements of existing regulations such as the Payment Services Directive 2 (PSD2), companies must contend with the upcoming introduction of the Network and Information Security Directive or NIS2 (Directive (EU) 2022/2555) and the Digital Operational Resilience Act (DORA).
  |  By J. Andrew Valentine
Kroll has investigated many different tactics that threat actors use to steal consumer data on e-commerce sites. These types of attacks can be especially damaging for organizations that are responsible for storing customers’ personal and financial information that is collected during transactions.
  |  By Kroll
November 25 2024 Cyber Threat Intelligence Briefing This week’s briefing covers: Dive deeper: Playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.
  |  By Kroll
Join Recruiter Insights APAC with Jason! In this video, Jason, a Kroll recruiter from APAC, shares essential tips for students on building a professional online presence. Learn how to make your LinkedIn profile shine, showcase your skills, and grow a network to start your career on the right foot. Explore career opportunities and start building your future at careers.kroll.com.
  |  By Kroll
Cyber Threat Intelligence Briefings Social: Each week our cyber threat intelligence team reports on the latest trends they observe from the trenches.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
The European Union’s (EU) new Digital Operational Resilience Act (DORA) is set to reshape how financial institutions handle their cybersecurity and operational risks. With enforcement from January 2025, DORA will impose a range of new standards and requirements. While there is an awareness of DORA in the marketplace, some firms do not fully understand its risks and consequences due to its broad scope. Similar to the introduction of the EU GDPR, many businesses might underestimate the effort needed to achieve compliance.
  |  By Kroll
This weeks' briefing covers: Dive deeper.
  |  By Kroll
This weeks' briefing covers: Dive deeper.
  |  By Kroll
This weeks' briefing covers: Dive deeper.
  |  By Kroll
As per data published by the Office of the Australian Information Commissioner, the healthcare industry in Australia accounted for 22% of notifiable data breaches between January to June 2020, which was more than any other industry. Cybercriminals continue to target this industry due to the vast amounts of highly sensitive personal information (such as Medicare numbers, credit card information and medical insurance numbers) that is stored by healthcare providers.

Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency. We work with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber security, corporate finance, restructuring, legal and business solutions, data analytics and regulatory compliance. Our firm has nearly 5,000 professionals in 30 countries and territories around the world.

Kroll experts provide rapid response to more than 2,000 cyber incidents of all types annually. We help countless more clients with eDiscovery and litigation support (including expert witness services); managed detection and response services for both active threats and as an integral part of network security; notification solutions, including multilingual call center support; and proactive services, including general and threat-focused risk assessments, response planning, tabletop exercises and more.

Our experts are able to deliver best-in-class endpoint security through our managed detection and response solution, Kroll Responder. Responder handles every step, with 24x7 managed detection and response services fueled by threat hunting and superior incident response.