
April 2024

Penetration Testing as a Service (PTaaS): What is it and How Can it Benefit Your Organization?

Penetration testing as a service (PTaaS) plays a vital role in enabling organizations to enhance their cyber posture. As a hybrid security solution, it combines automation and human assessments in order to test for vulnerabilities that could be missed by legacy scanning tools.

Webinar: Incorporating Digital Risk Exposure in Your Threat Detection Strategy

Watch as Kroll experts Wojcieszek and Scott Hanson outline the key benefits of incorporating surface, deep and dark web intelligence into your threat detection and response plans. During the session, they discuss the top use cases of digital risk protection and the best approaches to mapping out and reducing your digital risk across all areas of the internet. They also outline how security teams can use this external threat intelligence to improve their threat detection and response efforts and get wider visibility across the attack lifecycle.

The Impact of PCI DSS 4.0 on Organizational Penetration Testing Strategies

PCI DSS version 4.0 took effect on March 31, 2024, and includes no fewer than 63 new requirements. This is the first update of the information security standard designed to defend against payment and credit card fraud since the release of PCI DSS v3.2 eight years ago.

CVE-2024-3400: Zero-Day Remote Code Execution Vulnerability Exploited to Attack PAN-OS

A command injection vulnerability, being tracked as CVE-2024-3400, was recently discovered in the GlobalProtect feature of Palo Alto Networks PAN-OS software. This vulnerability has a CVSS score of 10 (Critical) and is actively being exploited in the wild. It impacts versions PAN-OS 120.2, PAN-OS 11.0 and PAN-OS 11.1. If exploited on vulnerable PAN-OS versions and distinct feature configurations, an unauthenticated attacker could execute arbitrary code with root privileges on the firewall.

PasskeyScanner: A Kroll BurpSuite Extension for Passkeys

Despite being a globally accepted security measure, passwords have associated issues that have led to countless breaches and compromised systems over many years of not-so-secure authentication technology. Yet passwords remain the dominant form of authentication because more secure options have not been accessible to all users. Passwords have evolved into the security risk they are today because, as the security requirements for passwords have increased, usability has decreased.

Akira Ransomware Makes a Play for VPNs Without Multi-Factor Authentication

In Q4 2023, Kroll identified an uptick in engagements involving Akira ransomware, a trend that has continued into 2024. Kroll observed that in the majority of cases, initial activity could be tracked back to a Cisco ASA VPN service.

Cyber Risk Solutions from Kroll

We are the world’s leader in incident response. Merging complete response capabilities with frontline threat intelligence from over 3000 incidents handled per year and end-to-end expertise, we protect against, detect and respond to cyberattacks. For immediate assistance, contact us via our 24x7 cyber incident hotlines. Tackle every facet of today and tomorrow’s threat landscape with guidance from Kroll’s Cyber Risk experts. Enriched by frontline threat intel from 3000+ incident response cases every year, Kroll’s protection, detection, and response solutions immediately mature your cyber posture.

Elevating a UK Bank's Cyber Risk Mitigation Capabilities

Seeking to bolster its operational resilience, a UK bank was on the hunt for a partner to enhance threat visibility throughout its environment, assuming the responsibility of monitoring key infrastructure and assets around the clock. In a fast-moving threat landscape where security alerts can quickly multiply, Kroll's Managed Detection and Response (MDR) service, Kroll Responder, cuts through the noise. Learn how we helped our client improve cyber resilience by significantly reducing false positives, thus improving operational efficiency and security effectiveness.

Enhancing Security Visibility for a Leading Asset Management Firm

In the fast-paced world of asset management, security visibility and quick response to incidents are paramount, but building these capabilities in-house can be a challenge. Discover how our Kroll Responder MDR service helped a leading asset management firm identify and respond to security incidents faster and more effectively. Through an outcome-driven approach, Kroll offered the expertise and the network and endpoint detection technologies to manage threats around the clock.