Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

From predictive systems to the recent proliferation of generative AI-based virtual assistants such as ChatGPT, artificial intelligence has become a key driver in many sectors, and cybersecurity is no exception. The disruptive impact of GenAI has popularized AI use recently but this technology has actually been deployed for over 20 years in the security sector, serving as an additional and critical tool for proactive threat management that enhances operational efficiency.

Ransomware groups claimed responsibility for 5,461 attacks in 2024, with 1,204 of these attacks being publicly confirmed by victim organizations, according to Comparitech’s latest Ransomware Roundup report. The average ransom demand was more than $3.5 million, and the average ransom paid was $9.5 million. Many of these attacks involved data theft extortion, leading to the breach of nearly 200 million records.

Social engineering and phishing are involved in 70% - 90% of data breaches. No other root cause of malicious hacking (e.g., unpatched software and firmware, eavesdropping, cryptography attacks, physical theft, etc.) comes close. In fact, if you add up all other causes for successful cyberattacks together, they do not come close to equaling the damage done by social engineering and phishing alone.

Note: These vulnerabilities remain under active exploitation and Kroll experts are investigating. If further details are uncovered by our team, updates will be made to the Kroll Cyber Risk blog. A critical authentication bypass vulnerability (CWE-288) affecting FortiOS and FortiProxy (FG-IR-24-535) allows remote attackers to obtain super admin privileges via Node.js WebSocket traffic.

Internxt is proud to be one of the first cloud storage companies to protect business and individual data with the world’s most advanced encryption, post-quantum cryptography. Our post-quantum encryption protects your files and data from the potential threats of quantum computers that hold the power to break current encryption protocols due to their superior ability to solve complex algorithms in minutes or even seconds.

When it comes to securing your business, visibility into your company’s devices is key. As we so often say, you can’t protect what you can’t see. What’s more, visibility into your devices needs to be accurate and current – your IT security and operations teams can’t protect your environment if they’re working from data that’s hours (or days or weeks) old.

In this episode of the Trust Issues podcast, host David Puner dives into the complexities of secrets management with Ritesh Desai, General Manager at AWS Secrets Manager. They discuss the evolving landscape of secrets management, emphasizing the importance of a multi-layered defense strategy as organizations increasingly adopt cloud services, digital transformation and agile development practices.

Defenders often discuss security vulnerabilities on GitHub, Stack overflow, X (formerly Twitter), and other platforms to share knowledge of these threats and ensure users know when patches are available. Cybercriminals have a similar process, choosing to share vulnerability news, exploit code, and engage in technical discussions on cybercriminal forums. However, in contrast to defenders, these threat actors share this knowledge for the purpose finding unpatched systems and exploiting them.

On 13 March 2024, the US House of Representatives approved a bill which demands that the China-based ByteDance divests the popular social media platform TikTok, effectively banning it in the country. The measure was passed with a 352 to 65 vote after being introduced on 5 March 2024 by Republican Mike Gallagher and Democrat Raja Krishnamoorthi.

Identity thieves will do anything to get your Social Security Number (SSN). It's a very important piece of personal information. Locking your SSN is a proactive way to protect your name and money from fraud. The Federal Trade Commission (FTC) says that over 1.4 million Americans were victims of identity theft in 2022. Many of these crimes involved stolen Social Security numbers. To lower these risks, you need to learn how to safely lock your Social Security Number.