Human error behind misconfigurations, a host of insecure remote access issues, exposed business credentials with reused passwords and unpatched vulnerabilities have all contributed to a significant increase in cloud security incidents. Many organizations don’t foresee the challenges of what it will take to protect their data and operations after a move to the cloud.

In late 2022, artificial intelligence (AI) chat and conversational bots garnered large followings and user bases. AI chatbots, including ChatGPT, Meta’s Blender Bot3 and DeepMind, and Google’s Sparrow, have numerous benefits and uses, including potentially replacing current search engines, but there are notable drawbacks.

Undeniably, many companies fail to subscribe to an effective process for developing software that does not introduce added risk to the enterprise. Proprietary applications are coded without regard for security implications and are rushed to production in the name of increased quarterly revenue opportunities. Poorly engineered code can result in software security issues such as buffer overflows, improperly handled exceptions, memory leaks and input validation issues.

A major logistics company was hit by a ransomware attack at a time when it was reviewing and upgrading its cybersecurity defense. Kroll provided seamless incident response to enable the company to act quickly to mitigate and minimize the damage caused by the attack. The company also deployed Kroll Responder, Kroll’s award-winning Managed Detection and Response (MDR) solution, giving it comprehensive 24/7 visibility and management of threats and enhancing its long-term cyber resilience.

As part of a project to obtain more awareness of initial attack vectors outside of the common phishing and web application exploitation, Kroll’s Cyber Threat Intelligence team has developed a tool to enable the enhanced monitoring of the Python Package Index (PyPI) to find and obtain malicious packages that are added to it.