New York, NY, USA
Sep 23, 2021   |  By Nicole Sette
Kroll has observed an uptick in actors offering network access on the dark web, particularly in the wake of recent disruptions to the ransomware-as-a-service (RAAS) ecosphere such as the ban on ransomware discussions in notorious underground criminal forums.
Sep 16, 2021   |  By Jaycee Roth
Nearly 80 per cent of all ransomware attacks in the first half of 2021 involved the threat of leaking exfiltrated data. Exfiltration is a popular pressure tactic as it introduces the threat to publish stolen sensitive data to a threat actor extortion website if a ransom payment is not received. Our team currently tracks over 40 threat actor extortion websites, with new sites belonging to new ransomware groups emerging each week.
Aug 18, 2021   |  By Devon Ackerman
Microsoft 365 (M365) has quickly become one of the most utilized email platforms and, thanks to a variety of productivity and communication applications deeply embedded in enterprise processes, it’s also a popular target for cyber criminals. Microsoft certainly understands that and has enabled extensive security mechanisms for M365, including multifactor authentication (MFA), which requires users to present more than one form of authentication before login.
Aug 16, 2021   |  By Kroll
On July 14, 2021, WooCommerce issued an emergency patch for a critical vulnerability allowing an unauthenticated attacker to access arbitrary data in an online store’s database. WooCommerce is one of the most popular e-commerce platforms in the world and is installed on over five million websites. Additionally, the WooCommerce Blocks feature plugin, which is installed on more than 200,000 sites, was affected by the vulnerability and was patched at the same time.
Jul 14, 2021   |  By James McLeary
Kroll experts have noticed an increase in distributed denial of service (DDoS) attacks by cybercriminals seeking to turn a profit in two distinct incident types. First, many ransomware operators are now threatening and conducting DDoS attacks as an additional pressure tactic during the ransom negotiation process. Second, also known as ransom denial of service (RDoS), attackers threaten DDoS attacks that will take down an organization’s public-facing services unless a ransom is paid.
Jul 8, 2021   |  By Scott Hanson
On the afternoon of July 2, 2021, Kaseya reported that it had been impacted by a ransomware attack affecting its Virtual System Administrator (VSA) product and advised users to shut down VSA servers immediately. Initial reporting indicates this was a well-orchestrated supply chain attack impacting about 60 managed services providers (MSPs) and up to 1,500 client organizations by leveraging a zero-day vulnerability (CVE-2021-30116).
Jul 6, 2021   |  By Terry Mason
The recent slate of breaches and regulatory actions has prompted many companies who had been doing the minimum in terms of proactive cyber risk management to rethink their approach. In the U.S., new regulations are emerging (for states like Virginia, Colorado, Massachusetts and many others), and existing regulators are increasing their enforcement, as we’ve seen by the NY Dept of Financial Services (NYDFS) and the SEC.
Jun 23, 2021   |  By Devon Ackerman
Phishing schemes are always evolving. This past year, email thread hijacking took phishing to new depths of subterfuge as criminals hid in plain sight within existing conversations. But no matter how well cybercriminals have refined their messaging or counterfeited legitimate logos and branding, the one constant has always been their delivery method: email. Until now. Online chat services have become a new target for cybercriminals to introduce documents loaded with malware into organizations.
Jun 15, 2021   |  By Kroll
Industries most impacted in 2019 continued to be hard hit in both 2020 and so far in 2021, including healthcare, education and financial services. However, the greatest percentage increases occurred in industries that had been generally spared in 2019. The overall implication is that data attacks became broader and deeper during the pandemic, a trend that continues during the recovery.
Jun 8, 2021   |  By Louisa Vogelenzang
Businesses in Singapore face mounting challenges to protect customer data as a result of the newly enacted Personal Data Protection (Amendment) Bill (PDPA). With higher penalties expected to be levied from February 2022, it’s imperative that enterprises, particularly those collecting customer data, have a solid information security framework and incident response plan in place.
Oct 13, 2021   |  By Kroll
Hosted by Kroll and Redscan cyber risk experts, this webinar addressed digital risk protection (DRP) and shared impactful use cases for today’s threat landscape. Often classified as “dark web monitoring,” DRP can be merged with cyber threat intelligence services to not only track threats, but take action against threats happening outside of your network.
Sep 15, 2021   |  By Kroll
46% of respondents cited lack of visibility over third parties as their leading source of bribery and corruption risk. Businesses need to have a tight grasp of their internal data, as well their external environment. Kroll Managing Director, Zoe Newman provides insights.
Sep 15, 2021   |  By Kroll
Despite bolstering internal defenses, 82% of respondents said illicit activity was having a significant impact on their organization. Which generates the question, why? Kroll Managing Director, Howard Cooper provides insights.
Sep 13, 2021   |  By Kroll
Internal security teams are overwhelmed by cyber threats and finding seasoned incident response professionals is now harder and more expensive. The State of Incident Response 2021 surveyed 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue to learn how managed detection and response vendors are incorporated into their security programs. Over 76% of organizations are relying on a third-party vendor to augment in-house capabilities, and their biggest benefit is delivering faster containment, response, and more automation capabilities.
Sep 13, 2021   |  By Kroll
Chris Campbell, Chief Strategist at Kroll, Michael Kiely, President of U.S. Government Affairs at UPS and John Selib, Senior Vice President, Global Policy & Public Affairs at Pfizer, discuss the impact of regulation on the life sciences industry as well as emerging hot topics.
Sep 13, 2021   |  By Kroll
Insights from Kroll's Global Fraud and Risk Report.
Sep 13, 2021   |  By Kroll
The State of Incident Response 2021 surveyed 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue, identifying a lack of clarity from information security professionals about when and how to engage legal as part of an incident response. The survey also identified challenges with digital evidence preservation, breach notification readiness, a proper communication process.
Sep 13, 2021   |  By Kroll
With the volume and sophistication of cyber threats growing, we asked 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue how their organizations are planning to deal with incident response. Nearly all teams plan on automating more of their IR process, but nearly half face headwinds like lack of in-house expertise, lack of proper technology, and lack of bandwidth.
Sep 13, 2021   |  By Kroll
We surveyed 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue and more than half reported increased cybersecurity budgets for next year and that their executive leadership is more aware of cyber threats. However, over 40% report internal obstacles with the adoption of security processes, lack of organization-wide support, and a "bare minimum" approach to security.
Aug 25, 2021   |  By Kroll
Kroll’s third-party breach management platform cuts through the complex logistics of coordinating breach notification for a compromised entity and the consumer-facing organizations with which they work. Watch this video to see how we help clients navigate through the complexities of breach notifications with third-parties.
Apr 5, 2021   |  By Kroll
As per data published by the Office of the Australian Information Commissioner, the healthcare industry in Australia accounted for 22% of notifiable data breaches between January to June 2020, which was more than any other industry. Cybercriminals continue to target this industry due to the vast amounts of highly sensitive personal information (such as Medicare numbers, credit card information and medical insurance numbers) that is stored by healthcare providers.

Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency. We work with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber security, corporate finance, restructuring, legal and business solutions, data analytics and regulatory compliance. Our firm has nearly 5,000 professionals in 30 countries and territories around the world.

Kroll experts provide rapid response to more than 2,000 cyber incidents of all types annually. We help countless more clients with eDiscovery and litigation support (including expert witness services); managed detection and response services for both active threats and as an integral part of network security; notification solutions, including multilingual call center support; and proactive services, including general and threat-focused risk assessments, response planning, tabletop exercises and more.

Our experts are able to deliver best-in-class endpoint security through our managed detection and response solution, Kroll Responder. Responder handles every step, with 24x7 managed detection and response services fueled by threat hunting and superior incident response.