Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Windows permission misconfigurations remain a common attack vector in enterprise environments. Attackers consistently leverage these misconfigurations for privilege escalation, with Security Descriptor Definition Language (SDDL) emerging as a blind spot. From LockBit's manipulation of event log permissions to RomCom's exploitation of Task Scheduler vulnerabilities (CVE-2024-49039), SDDL misconfigurations have become a prime target for sophisticated attacks.

In this day and age, establishing cryptographic trust and encryption between internal services is a must. Without this, attackers who gain access to your internal networks can easily impersonate services and intercept exchanged data. As time has gone on, the potential impact of compromise has only grown as machines are trusted with increasingly sensitive data and completing increasingly important tasks.

These days, businesses lean heavily on third-party vendors to boost efficiency and bring fresh ideas to the table. But with that reliance comes risk — from data breaches to compliance issues to disruptions that can ripple through your entire operation. That’s why it’s so important for technology leaders to put strong Third-Party Risk Assessments (TPRAs) in place.

In a statistical report published in September 2024 by the Federal Bureau of Investigation (FBI), it was revealed that more than US$55 billion was lost to business email compromise (BEC) attacks between October 2013 and December 2023. This profitability drives attackers to further their techniques and adapt to security filters. BEC is a highly sophisticated and researched scam that aims to bait a specific type of employee or department in a company.

The Payment Card Industry Data Security Standard (PCI DSS) has long been recognized as the gold standard for payment security, establishing rigorous protocols for organizations that handle credit and debit card data. Designed to bolster defenses and minimize the risk of costly data breaches, PCI DSS is now poised for a major evolution. With the introduction of PCI DSS 4.0, new compliance requirements will become mandatory starting March 31, 2025.

For SAQ A-EP merchants, securing payment pages requires sophisticated monitoring and compliance tools. PaymentGuard offers a turnkey solution that automates these requirements, typically operational within 24-48 hours.

Did you know that while AI is revolutionizing industries such as healthcare and finance, it’s also becoming a potent tool for cybercriminals? Fact Check – True. Ransomware attacks are becoming more frequent and sophisticated, driven by AI advancements. This blog examines AI’s dual role in cybercrime—both as a tool for attackers and a defense for cybersecurity—focusing on ransomware, data theft, and protective measures.

In this blog post, we will share our current understanding of the User Personas involved with Ricosity today. Job titles and responsibilities may vary, but the following User Personas are a reflection of the average users we meet who hold these roles at their organizations.

You might not recognize the term “OAuth,” otherwise known as Open Authorization, but chances are you’ve used it without even realizing it. Every time you log into an app or website using Google, Facebook or another account, OAuth grants that service limited access to your data without sharing your password. OAuth simplifies user authentication across platforms, making it a key part of secure online experiences.

A brute force attack is a trial-and-error technique used by cybercriminals to gain access to sensitive information such as passwords, encryption keys, or login credentials. Essentially, it involves systematically attempting every possible password combination until the correct one is found. It’s akin to a thief trying to open a combination lock by testing every possible number sequence.