Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Nearly 80 per cent of all ransomware attacks in the first half of 2021 involved the threat of leaking exfiltrated data. Exfiltration is a popular pressure tactic as it introduces the threat to publish stolen sensitive data to a threat actor extortion website if a ransom payment is not received. Our team currently tracks over 40 threat actor extortion websites, with new sites belonging to new ransomware groups emerging each week.

This is a story of an emperor who wanted to protect people and grow his empire. Once he had to face the biggest battle. He conquered the battle through back door intelligence of the enemy. With a risk-based approach he was able to predict the actions of the enemy. This made him invincible. In today’s world, CISO organization faces the same battle but against the cyber war and are therefore are under constant pressure to protect organization.

Security compliance management is the process of monitoring and assessing systems, devices, and networks to ensure they comply with regulatory requirements, as well as industry and local cybersecurity standards. Staying on top of compliance isn’t always easy, especially for highly regulated industries and sectors. Regulations and standards change often, as do threats and vulnerabilities. Organizations often have to respond quickly to remain in compliance.

In our digital age, cybersecurity is everyone’s responsibility. Every device you use, the app you download, the bit of information you share, or the message you open comes with a certain amount of risk.

We’re excited to announce two big updates to our Snyk User Content platform. You can now get better, quicker, clearer access to Snyk user documentation, allowing you to find the information you need, to get more and better use of your Snyk platform. This will help you implement, enable, and configure your Snyk integration, leading to a faster and smoother adoption and usage of Snyk at your company. Here are the enhancements to our User Content platform.

The cybersecurity landscape is constantly evolving, even more so in the past decade, with technological revolutions changing the core of the cybersecurity industry. With new emerging technologies, machine learning, security automation, and AI are slowly but surely becoming a reality in the cybersecurity world. But as the cybersecurity landscape continues and redefines the roles of security workers, which logically begs the question - what does this mean for security professionals?

Most fresh installs of operating systems or applications come with pre-configured settings that are usually insecure or not properly configured with security in mind. Use the leverage provided by multiple frameworks such as CIS Benchmarks or NIST NCP to find out if your organization needs to augment or adjust any baselines to become better aligned with policies your organization is trying to adhere to.

Organizations are always looking for new ways to innovate and reduce costs and allocate resources more efficiently. In this blog post, we will look at how enterprises handled incidents before and after deploying AIOps.

A long time ago (in the early 2000s), I was playing games online. One of my accounts was compromised – the password was changed, and multiple “high-priced” items I had earned were “traded” without my knowledge, to the account of another player. One could easily blame my simple password at that time when there were no rules around password strength. Regardless of the reason, what happened was one of the earliest versions of an account takeover (ATO) attack.

For our latest specialist interview in our series speaking to technology leaders from around the world, we’ve welcomed Charles Denyer. Charles is an Austin-based cybersecurity and national security expert who has worked with hundreds of US and international organizations. He is a founding member and senior partner in two consulting and compliance firms.