Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

This New Wi-Fi Attack Can Intercept Data Traffic

The growing complexity of networks and connected devices makes implementing effective cybersecurity an increasingly complicated task. While businesses have shown more awareness of the need to elevate their security posture in recent years, several fundamental cyber hygiene issues still need to be addressed.

Threat Context monthly: Executive intelligence briefing for August 2024

Welcome to the Threat Context monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber Threat Intelligence team. Here’s what you need to know from August.

From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms

NOTE: This research was recently presented at Black Hat USA 2024, under the title “From MLOps to MLOops – Exposing the Attack Surface of Machine Learning Platforms”. The JFrog Security Research team recently dedicated its efforts to exploring the various attacks that could be mounted on open source machine learning (MLOps) platforms used inside organizational networks.

On The Hunt for Hunters Ransomware: Origins, Victimology and TTPs

Amid the disruption of the Hive ransomware group by law enforcement agencies, Hunters International emerged onto the cyber scene in Q3 of 2023, displaying notable technical similarities with Hive, hinting at an evolutionary progression or branch-off from the dismantled group. This transition underscores the adaptive nature of cybercriminal networks, persisting in their illicit activities despite law enforcement actions.

The Role of ISO 27001 in Enhancing Information Security

In today's digital age, information security is paramount for organizations of all sizes and industries. Protecting sensitive data from cyber threats, unauthorized access, and other vulnerabilities is a critical concern. One of the most effective frameworks for achieving robust information security is ISO 27001. This international standard provides a comprehensive approach to managing and safeguarding information assets. This article delves into the role of ISO 27001 in enhancing information security, exploring its key principles, benefits, and implementation strategies.

Strengthening your defenses: Aligning Firewall Analyzer with the new PCI DSS v4.0 standards

According to IBM’s 2023 Cost of a Data Breach Report, the global average cost of a data breach is $4.45 million. This includes expenses related to detection, response, and post-breach costs. Moreover, non-compliance can result in regulatory fines. For instance, GDPR violations can lead to fines of up to €20 million or 4% of the company’s annual global turnover, whichever is higher. The challenges don’t stop there.

Data-leak site emergence continues to increase

As the threat landscape continues to develop, ransomware and data brokerage groups constantly emerge, develop, and disband. Cyjax observed a relatively high level of data-leak site (DLS) emergence in July 2024, with a total of nine new sites. For reference, the highest observed number of ransomware groups that have emerged in a single month is ten (September 2022).

CISOs at the forefront of DevOps Security - top 10 data protection traps

Shared Responsibility Models, NIS2, DORA, or SOC 2 & ISO audits, accidental deletions, and the evolving threat landscape in SaaS apps confirms that DevOps Security becomes a priority. CISOs and DevOps teams need to meet halfway to secure data processed across GitHub, GitLab, and Atlassian, without compromising agility and efficiency. However, finding this middle ground is not an easy task.