Earlier this year we stated that bot attacks can be run by anyone, from skilled individuals to organised gangs. Bots can hit websites for a number of reasons. Common attacks include credential cracking to account takeover, to scalping. These bots have the power and capability to conduct multiple attacks repeatedly. Those actions have long seen standard for bots though, so what is new in the world of bot attacks? What is making these attacks more sophisticated?

In a significant cybersecurity incident, Cencora, a leading pharmaceutical services provider, experienced a data breach in February 2024, exposing sensitive patient information from 11 major pharmaceutical companies. This breach underscores the critical importance of robust enterprise risk management, vulnerability management, and endpoint security in protecting sensitive data and managing online reputation.

It’s a familiar post-disaster scene in seemingly every television medical drama. A ferry has crashed, or a train has derailed. Patients flood into the ER, each requiring urgent medical attention. The impossibly attractive medical staff must quickly assess and prioritize patients based on the severity of their injuries and the likelihood of survival. Someone with great hair likely says an inspiring quote and jumps immediately into action.

Penetration testing is a cornerstone of any mature security program and is a mature and well understood practice supported by robust methodologies, tools, and frameworks. The tactical goals of these engagements typically revolve around identification and exploitation of vulnerabilities in technology, processes, and people to gain initial, elevated, and administrative access to the target environment.

Maybe you’re considering AICPA SOC 2 certification? Aikido was recently examined to check that our system and the design of our security controls meet the AICPA’s SOC 2 requirements. Because we learned a lot about SOC 2 standards during our audit, we wanted to share some of the insights that we think might be helpful to someone starting the same process. Read our top tips on becoming ISO 27001:2022 compliant.

While both locker and crypto ransomware are types of ransomware, there is one key difference between the two. The main difference between locker and crypto ransomware is that locker ransomware locks an entire device whereas crypto ransomware only encrypts files and data stored on the infected device. Keep reading to learn more about locker and crypto ransomware and how your organization can prevent these and other ransomware attacks.

In the rapidly evolving landscape of technology, the fusion of Artificial Intelligence (AI) and cybersecurity is creating both exciting opportunities and formidable challenges. The recent breakfast briefing on the historic HMS Belfast served as a critical forum for industry leaders to explore these issues in depth.

On May 20, 2024, Live Nation discovered and disclosed an unauthorized activity in its third-party cloud database environment, which was eventually identified to be Snowflake, in its SEC filing. The database contains information regarding the company, primarily from its Ticketmaster subsidiary. Following this filing and in the following days, analysts discovered multiple clients of Snowflake have had data posted on the Dark Web for sale.

Did you know that in 2023, over 133 million healthcare records were breached? Healthcare has remained the most popular target for hackers and cybercriminals to attack. Why? These industries contain a huge amount of sensitive information, including: With such a vast amount of data at stake, tools for doctors should focus on privacy and security and help keep healthcare information safe from data breaches.

On May 2, 2024, Arctic Wolf Labs began monitoring deployment of a new ransomware variant referred to as Fog. The ransomware activity was observed in several Arctic Wolf Incident Response cases, each exhibiting similar elements. All victim organizations were located in the United States, 80% of which were in the education sector and 20% in the recreation sector. We are sharing details of this emerging variant to help organizations defend against this threat.