Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Kroll

What Is Application Security? Trends, Challenges & Benefits

Application security is integral to software development, and the majority of organizations now have dedicated AppSec programs. In the past five years, there has been a marked cultural shift, with application security becoming a strategic initiative that spans departments rather than an activity, like periodic scanning, code reviews, or testing or a transactional event related to a security assessment.

Q2 2022 Threat Landscape: Ransomware Returns, Healthcare Hit

In Q2 2022, Kroll observed a 90% increase in the number of healthcare organizations targeted in comparison with Q1 2022, dropping the final nail in the coffin for the “truce” some criminal groups instituted earlier in the COVID pandemic. Ransomware helped to fuel this uptick against healthcare as attacks increased this quarter to once again become the top threat, followed closely by email compromise.

How to Assess Your Organization's Application Security

Application security assessments are more critical than ever before. Digital transformation is required to meet the expectations of customers in many industries, meaning that companies are looking for software products to help them modernize their operations and meet those demands. However, choosing a piece of software is an expression of trust: by bringing your software into their network, customers are looking to accomplish their goals without letting attackers in.

Optimizing the CISO and Board Roles in Heightened Risk Periods

With companies in virtually every industry facing persistent and increasing cyber security threats, federal regulators are taking steps to protect customers and investors. In March, the SEC proposed new cyber security transparency rules that would require publicly traded companies to disclose, among other things, the cyber security expertise—or lack thereof—among their board members. This is despite the evidence that it is a recognized risk within businesses.

The Rise of Vishing and Smishing Attacks - The Monitor, Issue 21

Kroll has observed an increase in two social engineering tactics known as “vishing” and “smishing.” These tactics use phone calls, voice altering software, text messages and other tools to try to defraud unsuspecting people of valuable personal information such as passwords and bank account details for financial gain. These types of attacks use similar techniques to the common infection vector, phishing.

New MFA Bypass Phishing Method Uses WebView2 Applications with Hidden Keylogger

mr.d0x, a security researcher who previously released phishing tactics such as browser-in-the-browser (BitB) and utilized NoVNC to circumvent two-factor authentication (2FA), has released a new phishing attack method that exploits WebView2 applications to steal cookies and credentials. The code base utilizes a modified version of Microsoft’s WebView2 Samples repository. Microsoft has developed a new module called “Microsoft Edge WebView2 control”.

A CISO's Guide to Container Security: Understanding Vulnerabilities & Best Practices

Companies are introducing new apps and services to enable remote work, improve supply chains and handle disruptions caused by the pandemic. Our digital-first world thrives on speed and efficiency, and containers play a huge part in getting applications up and running quickly. Though containers offer many advantages over traditional virtualization, they also introduce significant security risks.

How to Identify Timestomping using KAPE

Timestomping is a common anti-forensic tactic that threat actors use in order to hide their tools on a victim’s file system. Detecting and analyzing timestomping can be time-consuming for examiners, but with a combination of the Kroll Artifact Parser and Extractor (KAPE), MFTECmd and Timeline Explorer, the process is expedited, allowing examiners to focus on data instead of worrying about parsing files.