Stolen credentials are the easiest route into your organization for a hacker. Verizon’s 2023 Data Breach Investigation Report found that threat actors used stolen credentials in 49% of attempts to gain unauthorized access to organizations. The problem IT teams face is knowing when credentials have been stolen or leaked in a breach – otherwise you’re waiting to respond to a security issue rather than handling it proactively.

The staggering sum of US $75 million has reportedly been paid to a ransomware gang in what is believed to be the largest known ransom payment made by a cyber attack victim since records began. Researchers at Zscaler claim in a new report that the record-breaking figure was paid by an undisclosed Fortune 50 company to the Dark Angels ransomware group.

Netskope Threat Labs publishes a quarterly summary blog post of the top threats we track on the Netskope platform. This post aims to provide strategic, actionable intelligence on active threats against enterprise users worldwide.

Is cyber risk insurable? That question is often at the heart of the debate about the future of the cyber insurance industry. One of the primary drivers of that question is the insurance industry’s challenges when managing systemic cyber risk since many believe that systemic cyber risk has the potential to bankrupt the industry. While there hasn’t been a catastrophic cyber incident that has proven the skeptics right, there have been several close calls.

Recent critical vulnerabilities in ServiceNow, a widely used cloud platform, have put numerous organizations at risk of data breaches. Threat actors are exploiting these input validation flaws, enabling remote code execution and unauthorized access. Despite recent fixes, government agencies, data centers, and private firms remain targeted. This blog highlights how these flaws are exploited for data theft and outlines security measures to mitigate these risks.

Mobile devices are an indispensable part of our modern lives. While twenty years ago most people just used their phones to make phone calls, today they serve an ever-growing number of purposes. They still keep us connected, of course, but they also allow us to be more productive anywhere we go. That increase in accessibility is why enterprise mobile security is just as essential as the devices themselves.

Modern organisations today are increasingly adopting cloud operations to enhance their agility, scalability, and efficiency. By moving to cloud-based platforms, businesses can leverage powerful computing resources without the need to invest heavily in physical infrastructure. This shift not only reduces capital expenditure but also allows organisations to quickly scale operations in response to demand fluctuations.

The NIS2 Directive is the European Union’s flagship cybersecurity law, poised to significantly strengthen cyber defenses across the EU when it takes effect on 17 October 2024. This upgraded version of the 2016 NIS Directive (NIS1) not only introduces stricter rules but also broadens its reach, covering more sectors and businesses, ensuring comprehensive protection and a stronger security posture.

Data breaches have increased this year, costing businesses $4.88 million—a 10% increase from 2023 and the highest increase since the pandemic. The cost is due to several factors, but an internet leak is one of the common factors that cost businesses money, causes loss of reputation, and threatens the online privacy of the general public. So, what can you do to help yourself, friends, family, employees, or businesses to limit the costs of a data breach or internet leak?