Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

NOTE: The MOVEit Transfer vulnerability remains under active exploitation, and Kroll experts are investigating. Expect frequent updates to the Kroll Cyber Risk blog as our team uncovers more details. On June 5, 2023, the Clop ransomware group publicly claimed responsibility for exploitation of a zero-day vulnerability in the MOVEit Transfer secure file transfer web application (CVE-2023-34362).

I recently had a chance to speak with Chris Mellor at Block and Files about the emergence of Velero as the standard for Kubernetes data protection. I shared some ballpark estimates of market share across open source and commercial vendors to make my case. These numbers were obtained through diligent market research. They are estimates, but they are not imaginary.

Harvard Pilgrim Health Care is an insurance provider that offers non-profit healthcare to residents in a variety of different states, including New Hampshire, Maine, Connecticut, and Massachusetts. The company generates more than $622 million in revenue annually and employs over 4,400 people during its regular operations. It works with millions of patients, and a mix of those patients was exposed in the recent data breach impacting that company.

To stay safe while playing online video games, you should follow cyber hygiene best practices to protect your anonymity. Best practices include using strong passwords, using a VPN and keeping your software updated. Read our eleven recommendations for keeping sensitive information secure and protecting yourself while playing online games.

In a climate where companies largely gain attention only when something negative happens, it’s time to celebrate and recognize the companies who are best in class when it comes to cybersecurity. That’s why we applaud Forbes’ decision to produce the industry’s first list of America’s Most Cybersecure Companies. These companies illuminate how cybersecurity is being taken seriously as a core business issue.

The constant evolution of technology has led to increasingly sophisticated and frequent cybersecurity threats. As a result, the need for skilled professionals who can effectively handle these threats has never been more pressing. Sadly, there is a shortage of such experts to meet the growing demand. The (ISC)² Cybersecurity Workforce Study revealed that the global cybersecurity workforce gap is 3.4 million people.

While some of the obvious misuse of ChatGPT in the world of cyber security was not unexpected – asking the artificial intelligence to write harder-to-detect malware and easier-to-convince phishing emails – a new threat has emerged that can leverage the very nature of the large language model. Ultimately, ChatGPT is a learning machine, and bases its answers on information it sources from the Internet.

Unless engineering practices introduce efficiencies, promote flexibility and drive revenues early, cloud migrations risk stalling because of cost and time overruns.

A subdomain is a prefix added to a domain name to separate a section of your website. It’s a part of the Domain Name System (DNS) hierarchy and is a domain that is a part of another (main) domain. Subdomains are primarily used to manage extensive sections of a web application that require their own content hierarchy, such as online stores, blogs, job boards, or support platforms.

Cyberint discovered in the ‘wild’ what could possibly be associated with the ‘Cardpool’ gift card breach, a file named ‘cardpool leak’. It was collected by our platform, Argos. ‘Cardpool’ was an online business where customers exchanged or sold their unwanted or partially used gift cards. It was shut down in early 2021, but it’s been discovered that in late April 2021, a Russian Threat Actor allegedly sold $38 million worth of gift cards there.