New York, NY, USA
1932
  |  By Kroll
In a fast-moving threat landscape, finding the answers to complex security challenges can be fraught with unknowns. Asking the right questions can make all the difference, as Steven Escobar and Ben Habing know well through their work in the Assessments and Advisory practice within Cyber and Data Resilience at Kroll.
  |  By Kroll
This article was authored by Cristhian Parrot from the Kroll Offensive Security Team. Kroll’s Offensive Security Team recently discovered a new vulnerability within Microsoft’s Azure Monitor Agent Metrics Extension, which demonstrates how subtle configuration issues can introduce significant security risks in widely deployed infrastructure components.
  |  By Kroll
Enterprise security is confronting an identity problem that has outgrown the tools designed to contain it. For years, the operating model was straightforward, to authenticate users at the gate, grant access and monitor known risks. However, today AI is increasingly interwoven with business practices, making that model no longer fit for purpose.
  |  By Kroll
Kroll identified a cross-platform malware framework, dubbed GARUDA C2, that uses public code-hosting platforms like GitHub for staging, redundancy and command distribution across Windows, macOS and Linux. Analysis links the campaign to an India-based operator supported by Hindi-language development artifacts, build logs, infrastructure indicators and evidence suggesting use of a locally hosted large language model (LLM) to accelerate malware development.
  |  By Kroll
The next phase of Threat Exposure Management by Gayathri Kunapuli.
  |  By Kroll
How Agentic AI Is Outpacing the Compliance Frameworks Built to Contain It.
  |  By Kroll
What recent AI security developments should change and what they should not—for security leaders and vulnerability management teams The question is no longer whether AI will affect vulnerability discovery. It is whether exposure management programs can keep up with a faster clock.
  |  By Kroll
A combination of accelerating risk complexity and increasing attack times is creating a perfect storm for organizations. Responding effectively to this fast-evolving threat landscape demands more advanced capabilities.
  |  By Kroll
The convergence of accelerated digitalization, complex global supply chains, and the rapid adoption of AI-driven automation, has elevated the importance of identity security. Combine this with the traditional and fragmented identity management approaches typical in manufacturing environments, and risk is multiplied. Failing to tackle identity, now becomes a direct threat to production continuity, regulatory compliance, and competitive advantage.
  |  By Dave Burg
I recently wrote about how today’s cyber risk is defined less by breakthrough innovation and more by the industrialization of existing weaknesses. Given this, I wanted to dig a little deeper. Over a weekend I conducted some analysis on a longitudinal Aggregate Cyber Risk Index that scores six core threat vectors daily for 1,000 days on a 0–100 scale, drawing on six macro categories.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
As per data published by the Office of the Australian Information Commissioner, the healthcare industry in Australia accounted for 22% of notifiable data breaches between January to June 2020, which was more than any other industry. Cybercriminals continue to target this industry due to the vast amounts of highly sensitive personal information (such as Medicare numbers, credit card information and medical insurance numbers) that is stored by healthcare providers.

Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency. We work with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber security, corporate finance, restructuring, legal and business solutions, data analytics and regulatory compliance. Our firm has nearly 5,000 professionals in 30 countries and territories around the world.

Kroll experts provide rapid response to more than 2,000 cyber incidents of all types annually. We help countless more clients with eDiscovery and litigation support (including expert witness services); managed detection and response services for both active threats and as an integral part of network security; notification solutions, including multilingual call center support; and proactive services, including general and threat-focused risk assessments, response planning, tabletop exercises and more.

Our experts are able to deliver best-in-class endpoint security through our managed detection and response solution, Kroll Responder. Responder handles every step, with 24x7 managed detection and response services fueled by threat hunting and superior incident response.