Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Bloor Research: Managed Detection and Response - 2023 Market Update

Bloor analyzed the most often cited MDR providers delivering technology-agnostic services and named Kroll a Champion. Nearly three years since Bloor Research analyzed the managed detection and response (MDR) landscape, its 2023 MDR Market Update shows a maturing market sector where vendors go beyond endpoint detection and response (EDR) to ingest a variety of telemetry, including cloud services, and develop more robust incident response (IR).

An Introduction to Agile Penetration Testing

Kroll helps development teams build agile penetration testing programs that prioritize security posture throughout the project life cycle while maintaining a rapid release cadence. When it comes to modern application delivery, speed and agility are the name of the game. Customer demands are driving rapid release cycles, pushing development teams to create new products and to update existing ones at a much more aggressive pace.

Q4 2022 Threat Landscape Report: Tech and Manufacturing Targeted as Ransomware Peaks for 2022

In a year where headlines were dominated by the global economic and geopolitical uncertainty around Russia’s war on Ukraine, 2022 saw a threat landscape that was both volatile and fragmented, largely due to the war. As the year drew to an end, ransomware hit a peak, primarily due to the rise in attacks impacting the manufacturing, health care, technology and telecommunications industries.

Royal Ransomware Deep Dive

The threat actor group behind Royal ransomware first appeared in January 2022, pulling together actors previously associated with Roy/Zeon, Conti and TrickBot malware. Originally known as “Zeon” before renaming themselves “Royal” in September 2022, they are not considered a ransomware-as-a-service (RaaS) operation because their coding/infrastructure are private and not made available to outside actors.

Data Breach Outlook: Health Care is the Most Breached Industry of 2022

Data breaches have become an unfortunate reality of the digital world we live in. While there is no doubt that efforts can be made to mitigate the chances of a data breach, living in a completely data breach-free world is not realistic. Apart from having processes and technology in place to prevent data breaches, companies should also have a plan of action in case they do suffer a breach. One aspect of being prepared is understanding how vulnerable your industry may be to data breaches.

Techniques for Effectively Securing AWS Lake Formation

A couple months ago, we received a request from one of our enterprise financial clients looking to build their internal data lake capabilities. The client wanted to know more about security best practices related to the AWS data lake management tool, AWS Lake Formation, and asked our team for help. One of our principal security consultants specializing in cloud got to work, preparing an overview of critical security considerations when architecting a data lake system.

Black Basta - Technical Analysis

In recent months, news outlets have reported a surge in double extortion ransomware attacks by Black Basta, a notorious ransomware-as-a-service (RaaS) threat group first identified in early 2022. The actor is sophisticated, often utilizing a unique set of tactics, techniques and procedures (TTPs) to gain a foothold, spread laterally, exfiltrate data and drop ransomware. However, Kroll has observed Black Basta sometimes utilizing similar TTPs across multiple incidents.

Vulnerability Assessment vs. Penetration Test: A Case of Mistaken Identities

If you’ve been in the realm of penetration (“pen”) testing in any capacity for any length of time, you’ve probably experienced the conversations around inconsistent pen testing results across teams or vendors. This isn’t anything new in the pen testing world. The conversations probably ranged from friendly internal team banter to more serious discussions with external vendors on pen testing program success metrics. Is this a case of mistaken identity?

Cyber Threat Intelligence Series: A Lens on the Healthcare Sector

A review of recent Kroll incident response cases consistently proves that the healthcare industry is one of the most frequently targeted sectors. This observation mirrors what is experienced by national cybersecurity agencies as multiple warnings have been launched during 2022, highlighting how ransomware gangs and nation state actors are now aggressively targeting healthcare institutions.