Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The cybercriminal threat actor FIN7 is launching spear phishing attacks against the automotive industry in the United States, according to researchers at BlackBerry. The threat actor identifies IT employees at automotive companies and attempts to trick them into downloading a Trojanized version of a free IP scanning tool. FIN7 is a Russia-based financially motivated threat actor that carries out a variety of cybercrime activities, including ransomware attacks.

Analysis of cyber attacks targeting U.K. organizations highlights the effectiveness of social engineering attacks and the fact that businesses are missing the mark on how to stop it. The U.K. Government just released their Cyber Security Breaches Survey 2024 where they asked U.K. businesses and charities about their experiences with cyber attacks and breaches, their preparedness plans, response plans and the impacts of the attacks. According to the survey results, half (50%) of all U.K.

Learn about careers with us and search open job opportunities here. In Q4 2023, Kroll identified an uptick in engagements involving Akira ransomware, a trend that has continued into 2024. Kroll observed that in the majority of cases, initial activity could be tracked back to a Cisco ASA VPN service.

As cyber threats continue to surge and malicious insiders pose significant risks, user and entity behavior analytics (UEBA) tools have become an essential component of a comprehensive security strategy, helping organizations to detect anomalous behavior and hidden threats.

In the throes of the Fourth Industrial Revolution, the manufacturing sector stands at the crossroads of groundbreaking innovation and an ever-growing shadow of cyberthreats. IT modernization has created digital fortresses by transforming legacy manufacturing systems and operations into connected, smart factories – the demand for robust cybersecurity measures has never been more critical.

Security testing allows you to evaluate the robustness of applications and systems and identify potential weaknesses that attackers may exploit. DAST and fuzzing are two popular, important, and proven security testing methods.

Software Composition Analysis (SCA) is the practice of identifying the open source libraries your code depends on. By using SCA, you can analyze these dependencies and determine whether they are affected by any known vulnerabilities, contain malicious code, introduce licensing risk, or are poorly maintained. SCA helps teams understand their software’s dependencies and the security implications of using them so that they can safely build on and innovate with open source code.