Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The states of data, Part 1: Why you should protect data at rest, in use, and in motion

What do Morgan Stanley, Samsung, and a New York credit union all have in common? They aren’t of the same scale, do not cater to the same customer needs, nor do they store similar data. But if there’s one thing in common between these three organizations, it’s that they’ve all been victims of a data leak. Morgan Stanley, the banking conglomerate, suffered a data leak due to sheer negligence in handling data at rest.

What CISOs Need to Know about ThreatQ's Support for the NIS2 Directive

An important deadline is just around the corner for businesses that operate in the European Union (EU): By October 17, 2024, EU Member States must implement the NIS2 Directive into their national laws. Failure by critical infrastructure organizations to comply with additional cybersecurity obligations can result in consequences including financial penalties and reputational damage.

England and Wales Report a Spike in Computer Misuse

The Office for National Statistics' (ONS) most recent Crime Survey for England and Wales (CSEW) has revealed that computer misuse cases rose 37% in the year ending March 2024, bucking a general trend of decline. The CSEW first started tracking computer misuse in the year ending (YE) March 2017, which saw roughly 1.8 million incidents. By March 2023, this number had fallen to 745,000. In March 2024, however, computer misuse incidents rose dramatically to 1 million.

What's Changed in CIS Critical Security Controls v8.1?

The CIS Critical Security Controls (CIS Controls) are a set of best practices designed to help organizations protect themselves from the most common cyber attacks. First developed in 2008, the controls define the minimum level of cybersecurity any organization that collects or maintains personal information should meet. CIS released version 8.1 of the CIS Critical Security Controls on June 25th, 2024.

5 Ways to Prevent Subscription Abuse

The subscription model is a gift that keeps on giving. For customers, it offers convenience, flexibility, and continuous access to the services or products they love. For businesses, it creates a steady and predictable revenue stream, fosters long-term customer relationships, and provides valuable insights into user behavior. But here’s a third player in the game that loves subscriptions just as much: fraudsters.

The 4 Most Common Attack Vectors in LATAM

The digital footprint of organizations has evolved and grown significantly over the past 10 years. It is now important to protect not just IP addresses and domains but also social media, payment platforms, and third-party services. Identifying risks like vulnerabilities, supply chain attacks, and credential leaks is crucial for organizational security. The Cyberint team has analyzed 1000s of risks and threats and narrowed down the top 4 risks facing Latin America in 2024 and going into 2025.

Cost of Cybercrime Estimated 15.6 Trillion in 2029

Statista projects that the total cost of cybercrime will increase by $6.4 trillion between 2024 and 2029, reaching a staggering $15.63 trillion by the end of this period. They reported: "The global indicator 'Estimated Cost of Cybercrime' in the cybersecurity market was forecast to continuously increase between 2024 and 2029 by in total 6.4 trillion U.S. dollars (+69.41 percent). "After the eleventh consecutive increasing year, the indicator is estimated to reach 15.63 trillion U.S.

Vanta's latest product capabilities accelerate compliance for startups

Whether it's expanding to new regions or selling to larger customers with higher expectations, establishing an effective security and compliance program is a necessary step for growing startups. For many, the first step to unlocking growth is getting a SOC 2 report, which can be a complicated process. Many startups struggle to achieve compliance due to unclear requirements and an overwhelming number of tools to choose from—making it hard to know which solution can get them compliant, fast.

Insider Threats: The Danger Within

Cyberattacks by hacking groups using ransomware and other tactics dominate the headlines, but the risks posed by individuals within an organization can be just as, if not more, damaging. CISA defines an insider threat as the possibility that authorized personnel will use their access, either intentionally or unintentionally, to harm an organization’s mission, resources, information, systems, or other assets.