Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Kroll

Rise in MFA Bypass Leads to Account Compromise

In Q2 and Q3 of this year, Kroll observed an increase in large-scale AiTM phishing and BEC attacks targeting organizations within the professional services, banking and financial industries. In 90% of Kroll's recent BEC investigations, MFA was in place at the time of unauthorized access, but attackers can obtain authentication tokens and/or session cookies to easily evade defenses.

Tackling the 2023 SEC Cybersecurity Rules

The new rules from the U.S. Securities and Exchange Commission (SEC) on reporting mark a significant shift in the requirements for disclosing cyber breaches, leaving many businesses wondering how their cybersecurity practices will be impacted in the long run. These new rules create significant new disclosure obligations for public companies, requiring timely and detailed disclosures of material cybersecurity incidents and periodic disclosures about cybersecurity risk management and governance.

The IR Retainer Redefined: Boosting Cyber Resilience with MDR + Cyber Risk Retainer

An effective detection and response capability is essential for monitoring key assets, containing threats early and eradicating them. However, due to the current disparate nature of potential attack vectors within an organization, affording the wide range of sensors necessary can be a challenge as well as the worry of the disruption of critical services. Yet, without robust detection and response processes, businesses are left vulnerable.

Microsoft Teams Used as Initial Access for DARKGATE Malware

Kroll has observed an uptick in cases of DARKGATE malware being delivered through Microsoft Teams messages. These campaigns have mainly targeted organizations in the transportation and hospitality sectors. This activity has also been reported throughout open-source reporting, sharing a number of key indicators with Kroll observations, such as common filenames, adversary infrastructure and similar domain name conventions to host the initial download.

Agile Penetration Testing: Scaling Application Assessments [Webinar Replay]

Watch Kroll expert Rahul Raghavan (Senior Vice President, Cyber Risk) highlight how organizations can scale their application security assessments with agile penetration testing. In this webinar, Rahul discusses how CISOs, CTOs, product engineers and security leaders can elevate their security posture by integrating effective security testing within the agile development process. Key sections.

Q2 2023 Threat Landscape Report: All Roads Lead to Supply Chain Infiltrations | Webinar Replay

Watch Kroll’s cyber threat intelligence leaders highlight key trends observed in Q2 2023 and outline the critical issues that organizations should be aware of, including a significant rise in ransomware activity fueled by the MOVEit vulnerability and new methods of email compromise attacks.

Q2 2023 Threat Landscape Report: All Roads Lead to Supply Chain Infiltrations

Kroll’s findings for Q2 2023 reveal a notable shift toward increased supply chain risk, driven not only by the CLOP ransomware gang’s exploitation of the MOVEit transfer vulnerability, but by a rise in email compromise attacks. This and other key security trends are shaping a threat landscape in which diverse cyber threats are present.

Increased Use of Open Redirects in Phishing Campaigns

Kroll’s Cyber Threat Intelligence (CTI) team has been tracking an uptick in phishing campaigns utilizing open redirects. Open redirects are vulnerabilities commonly found on websites that allow for the manipulation of legitimate URLs, which actors can leverage to redirect users to arbitrary external URLs. They occur when a website allows for user-supplied input as part of a URL parameter in a redirect link, without proper validation or sanitization.

2023 KuppingerCole Leadership Compass Report: Managed Detection & Response Services

KuppingerCole has named Kroll as an Overall Leader in its latest analysis of the Managed Detection & Response services market. The KuppingerCole Leadership Compass provides an overview of the market for managed detection and response (MDR) services that manage a collection of cybersecurity technologies to provide advanced cyber threat detection and response capabilities, including Security Operations Center as a Service (SOCaaS) offerings.

Detection-as-Code: Frontline IR Intel for Faster, More Accurate SOC [Webinar Replay]

Threat intelligence can provide a rich insight into threat actor activity but often lacks the timelines and context that comes from the learning of real-life incident investigations. Security leaders need to know how to leverage this frontline intelligence to not only understand if they are likely to be in a similar situation but also to know how they could take immediate action on their defenses.