On May10th, Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Department of Health and Human Services (HHS), and Multi-State Information Sharing and Analysis Center (MS-ISAC) issued an urgent advisory about malicious threat activity involving the Black Basta ransomware variant. Detailed information about these threats and the associated IOCs and TTPs can be seen on #StopRansomware: Black Basta.

System hardening is the process of configuring a system to a more secure state. Many technology solutions are not securely configured by default, so system administrators must harden systems while retaining their desired functionality. Thankfully, system administrators do not have to figure out system hardening on their own. Instead, they can reference security benchmarks which describe recommended secure configurations for a system.

As AI adoptions become increasingly integral to all aspects of society worldwide, there is a heightened global race to establish artificial intelligence governance frameworks that ensure their safe, private, and ethical use. Nations and regions are actively developing policies and guidelines to manage AI’s expansive influence and mitigate associated risks. This global effort reflects a recognition of the profound impact that AI has on everything from consumer rights to national security.

Everywhere we look, organizations are harnessing the power of large language models (LLMs) to develop cutting-edge AI applications like chatbots, virtual assistants, and more. Yet even amidst the fast pace of innovation, it’s crucial for security teams and developers to take a moment to ensure that proper safeguards are in place to protect company and customer data.

“Your entire company network was compromised, all through a single login.” That’s the reality of an employee single sign-on (SSO) breach nightmare. Hackers create fake SSO login pages in order to steal employee credentials, which can literally give them “the keys to the kingdom” – access to the most sensitive data of the organization. From a disgruntled ex-employee to a compromised user, it can become a devastating security hole. It happens more than you think.

In the high-stakes world of cybersecurity, complacency can spell disaster. At Sumo Logic, we don’t just adapt to the evolving threat landscape; we redefine it. Sumo Logic was recognized as a Challenger in the 2024 Gartner Magic Quadrant for Security Information and Event Management. This recent positioning reflects our Ability to Execute and Completeness of Vision. We believe this isn't just a recognition. Challenge accepted! In 2021 and 2022, Sumo Logic was recognized as a Visionary.

In May 2024, Vodafone Idea (Vi) became the first Indian telecommunications company to achieve the SOC2 (Service Organization Control 2) Type II Attestation. This accomplishment not only underscores the company’s commitment to stringent security standards but also sets a benchmark for the entire industry.

According to the Identity Theft Resource Center’s (ITRC) 2023 Business Impact Report, 73% of small business owners in the US reported a cyber-attack within the previous year, underlining the growing popularity of small businesses as a target among malicious actors. Given this recent wave of cyberattacks, all small businesses must do their part to secure their Point of Sale (POS) systems from unauthorized parties.

Cybercriminals are notoriously tricky to pin down. They are experts in obfuscation and misdirection, masters of avoiding consequences. Not since the early days of the Wild West have criminals managed to evade capture and maintain anonymity as effectively as modern cybercriminals do. Part of the reason for these staggeringly low conviction rates is that we usually have little idea of what country an attacker is in.

Just when you think bad actors cannot sink any lower, they find a way to. In a recent chilling evolution of ransomware tactics, attackers are now also targeting the families of corporate executives to force compliance and payment. Mandiant's Chief Technology Officer, Charles Carmakal, highlighted this disturbing trend at RSA last week: criminals engaging in SIM swapping attacks against executives' children.