Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Ignoring the little stuff is never a good idea. Anyone who has pretended that the small noise their car engine is making is unimportant, only to later find themselves stuck on the side of the road with a dead motor will understand this statement. The same holds true when it comes to dealing with minor vulnerabilities in a web application. Several small issues that alone do not amount to much, can in fact prove dangerous, if not fatal, when strung together by a threat actor.

2022 was a year of dramatic expansion for The Devo Platform. The enhancements of behavior analytics, workflow automation, and AI-driven threat detection have transformed the Devo Platform into a cloud-native, SIEM, UEBA, and SOAR solution. This gives security teams the visibility, high performance, and advanced analytics they need to respond quickly to threats and protect the business.

Co-authored by Carmine Clementelli and Jason Clark In recent times, the rise of artificial intelligence (AI) has revolutionized the way more and more corporate users interact with their daily work. Generative AI-based SaaS applications like ChatGPT have offered countless opportunities to organizations and their employees to improve business productivity, ease numerous tasks, enhance services, and assist in streamlining operations.

In this post we will explore Linux Crypto API for user applications and try to understand its pros and cons. The Linux Kernel Crypto API was introduced in October 2002. It was initially designed to satisfy internal needs, mostly for IPsec. However, in addition to the kernel itself, user space applications can benefit from it.

The world is increasingly embracing cloud technology. The fact that cloud requires minimal infrastructure and operational costs is attracting enterprises to shift to cloud. Remote and hybrid work modes following the pandemic has added to the continued rise of cloud.

A DNS server is an integral part of an AD environment. Simple yet crucial activities are accomplished using DNS servers, such as authenticating, searching for computers, and identifying domain controllers. But attackers know there are a lot of loopholes in DNS that they can exploit. And, they often already know about these vulnerabilities. In this blog, you will learn how attackers can abuse.

Kroll has won in four categories at the 2023 Cyber Defense Magazine Global InfoSec Awards which were announced at this year’s RSA Conference.

Kroll Cyber Threat Intelligence analysts have identified a new strain of ransomware, named CACTUS, targeting large commercial entities since March 2023. The name “CACTUS” is derived from the filename provided within the ransom note, cAcTuS.readme.txt, and the self-declared name within the ransom note itself. Encrypted files are appended with.cts1, although Kroll notes the number at the end of the extension has been observed to vary across incidents and victims.

Cybersecurity is a critical concern for businesses of all sizes and industries. With the increasing sophistication of cyber threats, it's more important than ever to have a robust security strategy in place. However, many organizations lack the expertise or resources to manage their cybersecurity needs effectively. This is where professional services come in.

We have recently concluded the first quarter of 2023, and there have already been over 250 patches for the many components and flavours of Microsoft’s operating systems, as well as a handful of patches for Adobe, Apple, and Android. If you are a computer professional, you have also had to patch various other enterprise-class hardware and software assets in your environment. With all of the technology we have today, installing software updates has become a near-daily, full-time activity.