Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Since the start of the pandemic, the cyber insurance industry has been facing its biggest challenge to date. A ransomware crime spree is demonstrating the speed and scale of cyber risk and how this type of risk is unlike any other insurable risk. The number of ransomware attacks increased by 150%. Total ransoms paid are up 311%. The dramatic rise in frequency and severity resulted in a record high loss ratio of 67% for insurance carriers.

The Log4Shell vulnerability took the Java community by surprise at the end of 2021, and many organizations are still mitigating its impact. To help development teams stay informed as the situation unfolds, Snyk has created and continues to update its Log4j vulnerability resource center.

The discipline of threat intelligence began to be incorporated in cyber defense processes within private sector companies nearly a decade ago. Over the past few years, more and more organizations began to establish their own threat intelligence operations, building Security Operations Centers (SOCs), incident response (IR) capabilities and threat intelligence teams.

Over the past months, Cyberint Research Team observed a new group that emerged on several underground forums. What seemed to be “yet another info stealer seller” has turned out to be something far more interesting. As the group is named Jester Stealer, that were, at first, selling a fairly sophisticated info stealer (Figure 1). Other evidence suggests that there is much more to it. Cyberint Research Team discovered a developing threat group that gets their claws into whatever they can find.

The growing wave of cybercrime targets businesses in every industry, and law firms are no exception. With many unique cybersecurity risks, law firms are more onerous to secure than other organizations. In addition to having to fend off threats from cybercriminals, they must also overcome the threat posed by hacktivists and nation-states. Law firms are especially attractive to bad actors because attorneys need access to highly sensitive data to provide legal services.

Sysdig today announced that it has achieved Amazon Web Services (AWS) Security Competency status. This crucial designation recognizes the value provided by the Sysdig Secure DevOps Platform to AWS customers to achieve their container and cloud security goals. As a key partner for the ecosystem, Sysdig collaborates closely with AWS and its customers to enhance the protection of cloud infrastructure and applications against continuously evolving security threats.

SOAR — or security orchestration, automation and response — is a collection of processes, software and tools that allows teams to streamline security operations. SOAR platforms are a hot topic in the realm of cybersecurity these days, and with good reason.