New York, NY, USA
Mar 16, 2023   |  By Kroll
A major logistics company was hit by a ransomware attack at a time when it was reviewing and upgrading its cybersecurity defense. Kroll provided seamless incident response to enable the company to act quickly to mitigate and minimize the damage caused by the attack. The company also deployed Kroll Responder, Kroll’s award-winning Managed Detection and Response (MDR) solution, giving it comprehensive 24/7 visibility and management of threats and enhancing its long-term cyber resilience.
Mar 1, 2023   |  By Kroll
As part of a project to obtain more awareness of initial attack vectors outside of the common phishing and web application exploitation, Kroll’s Cyber Threat Intelligence team has developed a tool to enable the enhanced monitoring of the Python Package Index (PyPI) to find and obtain malicious packages that are added to it.
Feb 27, 2023   |  By Kroll
Bloor analyzed the most often cited MDR providers delivering technology-agnostic services and named Kroll a Champion. Nearly three years since Bloor Research analyzed the managed detection and response (MDR) landscape, its 2023 MDR Market Update shows a maturing market sector where vendors go beyond endpoint detection and response (EDR) to ingest a variety of telemetry, including cloud services, and develop more robust incident response (IR).
Feb 24, 2023   |  By Kroll
Kroll helps development teams build agile penetration testing programs that prioritize security posture throughout the project life cycle while maintaining a rapid release cadence. When it comes to modern application delivery, speed and agility are the name of the game. Customer demands are driving rapid release cycles, pushing development teams to create new products and to update existing ones at a much more aggressive pace.
Feb 15, 2023   |  By Kroll
In a year where headlines were dominated by the global economic and geopolitical uncertainty around Russia’s war on Ukraine, 2022 saw a threat landscape that was both volatile and fragmented, largely due to the war. As the year drew to an end, ransomware hit a peak, primarily due to the rise in attacks impacting the manufacturing, health care, technology and telecommunications industries.
Feb 13, 2023   |  By Kroll
The threat actor group behind Royal ransomware first appeared in January 2022, pulling together actors previously associated with Roy/Zeon, Conti and TrickBot malware. Originally known as “Zeon” before renaming themselves “Royal” in September 2022, they are not considered a ransomware-as-a-service (RaaS) operation because their coding/infrastructure are private and not made available to outside actors.
Feb 2, 2023   |  By Kroll
Hive has been seized by law enforcement, but were likely to still see these initial access methods and tactics used across other threat actor groups.
Jan 26, 2023   |  By Kroll
Data breaches have become an unfortunate reality of the digital world we live in. While there is no doubt that efforts can be made to mitigate the chances of a data breach, living in a completely data breach-free world is not realistic. Apart from having processes and technology in place to prevent data breaches, companies should also have a plan of action in case they do suffer a breach. One aspect of being prepared is understanding how vulnerable your industry may be to data breaches.
Jan 25, 2023   |  By Kroll
A couple months ago, we received a request from one of our enterprise financial clients looking to build their internal data lake capabilities. The client wanted to know more about security best practices related to the AWS data lake management tool, AWS Lake Formation, and asked our team for help. One of our principal security consultants specializing in cloud got to work, preparing an overview of critical security considerations when architecting a data lake system.
Jan 23, 2023   |  By Kroll
In recent months, news outlets have reported a surge in double extortion ransomware attacks by Black Basta, a notorious ransomware-as-a-service (RaaS) threat group first identified in early 2022. The actor is sophisticated, often utilizing a unique set of tactics, techniques and procedures (TTPs) to gain a foothold, spread laterally, exfiltrate data and drop ransomware. However, Kroll has observed Black Basta sometimes utilizing similar TTPs across multiple incidents.
Feb 21, 2023   |  By Kroll
In this video, Matthew Dumpert, Managing Director and Head of Kroll’s North America Security Risk Management practice, discusses current security trends in North America and what organizations should expect this year in terms of risk, safety and security. He also explains why it’s more important than ever that companies review their business continuity and threat management plans to ensure they are equipped for the expected increase in workplace violence, theft and safety issues.
Dec 8, 2022   |  By Kroll
As part of our 2-Minute Security Talks series, Bob Thompson, Associate Managing Director in Kroll’s Security Risk Management practice for EMEA and APAC, addresses the threats to critical national infrastructure that are emerging from global geopolitical instability. Bob also discusses how Kroll can support organizations with threat monitoring, security reviews, risk assessments, cyber resilience assessments and crisis preparedness, and reviews the seven key points of Kroll’s risk assessment process that can help companies mitigate threats.
Nov 23, 2022   |  By Kroll
All organizations should have access to the skills needed to detect and contain threats. But typically, only the very largest enterprises can afford the millions in annual staff and infrastructure investments required to maintain a 24x7 Security Operations Center.
Nov 14, 2022   |  By Kroll
Watch the Q3 2022 Threat Landscape Virtual Briefing to hear from Kroll’s cyber threat intelligence leaders as they explore key insights gained through cyber incidents handled worldwide in the third quarter of 2022.
Jul 28, 2022   |  By Kroll
This video demonstrates a maldoc infection chain in WebView2 applications
Jul 1, 2022   |  By Kroll
Timestomping is a common anti-forensic tactic that threat actors use in order to hide their tools on a victim’s file system. Detecting and analyzing timestomping can be time-consuming for examiners, but with a combination of the Kroll Artifact Parser and Extractor (KAPE), MFTECmd and Timeline Explorer, the process is expedited, allowing examiners to focus on data instead of worrying about parsing files.
Jun 21, 2022   |  By Kroll
Carlos García and Jeff Macko, two leading security experts from Kroll, provide a unique perspective on hacking and how to address it in this insightful webinar, I Get Paid to Hack Your Company and These Are the Controls I Hate the Most! The session outlines the most effective security controls to prevent and mitigate common types of cyberattacks and emphasizes potential quick wins that can be achieved without the need for significant investment, and how to harness the technology already used by most organizations.
May 25, 2022   |  By Kroll
Watch the Q1 2022 Threat Landscape Virtual Briefing to hear from Kroll’s cyber threat intelligence leaders as they explore key insights and trends from from 100s of incident response cases handled by Kroll worldwide.
Apr 20, 2022   |  By Kroll
Introducing Kroll Business Connect for compliance professionals, a centralized, cloud-based platform designed to streamline know your customer (KYC) onboarding workflow – including file sharing, communications and tasks – in real-time with all stakeholders using one single platform. Compliance teams in any industry can tailor our proprietary platform to their specific needs. Business Connect easily integrates with any compliance software or CRM system.
Feb 23, 2022   |  By Kroll
Watch the Q4 2021 Threat Landscape Virtual Briefing to hear from Kroll’s cyber threat intelligence leaders as they explore key insights and trends from over 3,200 cyber incidents handled worldwide in 2021.
Apr 5, 2021   |  By Kroll
As per data published by the Office of the Australian Information Commissioner, the healthcare industry in Australia accounted for 22% of notifiable data breaches between January to June 2020, which was more than any other industry. Cybercriminals continue to target this industry due to the vast amounts of highly sensitive personal information (such as Medicare numbers, credit card information and medical insurance numbers) that is stored by healthcare providers.

Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency. We work with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber security, corporate finance, restructuring, legal and business solutions, data analytics and regulatory compliance. Our firm has nearly 5,000 professionals in 30 countries and territories around the world.

Kroll experts provide rapid response to more than 2,000 cyber incidents of all types annually. We help countless more clients with eDiscovery and litigation support (including expert witness services); managed detection and response services for both active threats and as an integral part of network security; notification solutions, including multilingual call center support; and proactive services, including general and threat-focused risk assessments, response planning, tabletop exercises and more.

Our experts are able to deliver best-in-class endpoint security through our managed detection and response solution, Kroll Responder. Responder handles every step, with 24x7 managed detection and response services fueled by threat hunting and superior incident response.