Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Analyzing Exmatter: A Ransomware Data Exfiltration Tool

Having conducted more than 3,200 incident response engagements in 2021, Kroll’s Threat Intelligence team now tracks more than 200 ransomware threat actor groups. Kroll’s global Incident Response teams are very familiar with actions traditionally associated with a network intrusion, from initial access to lateral movement to privilege escalation to data exfiltration—and in the case of financially motivated actors, ransomware deployment.

An Inside Look at ThreatQuotient's Own Security Initiatives

Last December, ThreatQuotient announced it had achieved SOC 2 Type II compliance for the ThreatQ Platform. The milestone is significant because it demonstrates third-party validation that ThreatQuotient continues to meet and exceed industry security standards, previously verified by Type I.

The Obsession with Faster Cybersecurity Incident Reporting

Requirements for reporting cybersecurity incidents to some regulatory or government authority are not new, but there has always been a large amount of inconsistency, globally, in exactly what the requirements are. More recently, there’s been a growing trend across government and regulatory bodies in the United States towards shorter timeframes for reporting cybersecurity incidents. Here’s a brief rundown of the recent activity.

[New research] Subdomain takeovers are on the rise and are getting harder to monitor

Modern infrastructure is controlled by DNS, with pointers to both internal and third-party services. As a result, organizations are simultaneously expanding their attack surface and inviting potential cyber threats. Unknown subdomains can be challenging, as they are not always closely monitored.

Office Documents and Cloud Apps: Perfect for Malware Delivery

Microsoft Word, Excel, PowerPoint, and other Office document formats are popular among attackers, who abuse them to infect their victims with ransomware, infostealers, backdoors, and other malware. In this article, we look at the anatomy of a recent Office document attack from the victim’s perspective, highlight the most common types of Office document attacks seen today, and suggest strategies to reduce your risk of becoming the latest victim.

What incognito and private browsing modes do and don't do

There are countless reasons why you might want to keep the websites you’re visiting a secret. For example, you could be planning a surprise vacation for your best friend, seeking out information that’s meant to be banned in your country, or simply trying to minimize what advertisers know about you.

Random but Memorable - Episode 9.1: Nightmare Villain Bug Bounty

On today's episode we're unveiling 1Password's exciting new developer tools with our VP of Product Management, Tony Myers. Settle in for This Week at 1Password to learn more about the new SSH capability, CLI 2.0, our developer docs portal, and the frictionless workflow developers can expect. We also grimace our way through the security news in Watchtower Weekly (much like our reaction to rising gas prices) – you might want to think twice about checking prices using privacy-guzzling GasBuddy. ⛽️