Kroll

New York, NY, USA
1932
  |  By Kroll
IDATLOADER (aka HIJACKLOADER, GHOSTPULSE) has become prevalent in 2024, using advanced and new techniques such as BPL Sideloading, which Kroll reported on in June. Kroll observes IDATLOADER distributing malware such as ASYNCRAT, PURESTEALER, REMCOS, STEALC and what some might describe as a recent epidemic in LUMMASTEALER infections.
  |  By Kroll
Alongside an explosion in the popularity of large language models (LLMs) across many industries, there has also been an increase in the level of trust granted to these models. Whereas LLMs were once perceived as simple, friendly chatbots that could respond to basic questions or pull useful resources from the web based on user input, many have now been granted the ability to perform actions, anywhere from sending an email to deploying code. This is referred to as agency.
  |  By Kroll
The Kroll Security Operations Center (SOC) has recently detected and remediated a trend of incidents that involved socially engineering a victim into pasting a PowerShell script into the “Run” command window to begin a compromise. These incidents have typically begun with the victim user attempting to find “YouTube to mp3” converters, or similar, then being redirected to the malicious webpages.
  |  By Kroll
The legal and regulatory landscape is constantly evolving, continually intensifying the demands placed on organizations. As well as meeting the requirements of existing regulations such as the Payment Services Directive 2 (PSD2), companies must contend with the upcoming introduction of the Network and Information Security Directive or NIS2 (Directive (EU) 2022/2555) and the Digital Operational Resilience Act (DORA).
  |  By J. Andrew Valentine
Kroll has investigated many different tactics that threat actors use to steal consumer data on e-commerce sites. These types of attacks can be especially damaging for organizations that are responsible for storing customers’ personal and financial information that is collected during transactions.
  |  By Kroll
Containers are transforming how enterprises deploy and use applications - their efficiency and cost-effectiveness making them a cornerstone of modern IT strategies. Compared to traditional virtualization, where the server runs a hypervisor, and then virtual machines with entire guest operating systems and software run on top of the hypervisor, containers allow more versatility since they simplify management and provide faster provisioning of applications and resources.
  |  By Kroll
While no one can predict if and when a cyber attack will take place, a red team exercise is as close as an organization can get to understanding its full level of preparedness. Red team exercises conducted by certified ethical hackers are key to uncovering hidden vulnerabilities and addressing them before they impact a company’s cyber resilience.
  |  By Kroll
In today's rapidly evolving digital landscape, software supply chain security has emerged as a critical concern for organizations worldwide. Among the countless security threats, ‘secret leaks’ stand out as a predominant issue, posing significant risks to the integrity and confidentiality of software systems. This blog post delves into the intricacies of secret leaks, exploring why they are a pervasive problem and what steps can be taken to mitigate this threat.
  |  By Kroll
With tens of thousands of potential threats lurking in remote corners of the deep and dark web, organizations are increasingly at risk of being targeted by cyber attackers or having their sensitive information traded or leaked online. Deep and dark web monitoring enables businesses to safeguard their digital assets and accelerate visibility of online threats, protecting their brand and reputation.
  |  By Kroll
As cyber threats continue to grow more sophisticated, the demand for dynamic, scalable security solutions has led to the increasing adoption of Security Operations Center as a Service (SOC as a Service, or SOCaaS). The SOC as a Service model offers a significantly more cost-effective alternative for organizations without the resources to establish full-scale, in-house security operations centers (SOCs).
  |  By Kroll
Join Recruiter Insights APAC with Jason! In this video, Jason, a Kroll recruiter from APAC, shares essential tips for students on building a professional online presence. Learn how to make your LinkedIn profile shine, showcase your skills, and grow a network to start your career on the right foot. Explore career opportunities and start building your future at careers.kroll.com.
  |  By Kroll
Cyber Threat Intelligence Briefings Social: Each week our cyber threat intelligence team reports on the latest trends they observe from the trenches.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
The European Union’s (EU) new Digital Operational Resilience Act (DORA) is set to reshape how financial institutions handle their cybersecurity and operational risks. With enforcement from January 2025, DORA will impose a range of new standards and requirements. While there is an awareness of DORA in the marketplace, some firms do not fully understand its risks and consequences due to its broad scope. Similar to the introduction of the EU GDPR, many businesses might underestimate the effort needed to achieve compliance.
  |  By Kroll
This week’s briefing covers: Dive deeper.
  |  By Kroll
Kroll’s LLM penetration testing has seen it analyze data sets of OpenAI models, non-public models and RAG systems. It has used this to produce an anonymized dataset that catalogs vulnerabilities from all LLM engagements. Kroll has found a worrying prevalence of prompt injection attacks in the LLM cases it has investigated and shares its findings in this briefing.
  |  By Kroll
According to data published by the Office of the Australian Information Commissioner, the healthcare industry in Australia accounted for 22% of notifiable data breaches between January and June 2020, which was more than any other industry. Cybercriminals continue to target this industry due to the vast amounts of highly sensitive personal information (such as Medicare numbers, credit card information and medical insurance numbers) that is stored by healthcare providers.

Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency. We work with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber security, corporate finance, restructuring, legal and business solutions, data analytics and regulatory compliance. Our firm has nearly 5,000 professionals in 30 countries and territories around the world.

Kroll experts provide rapid response to more than 2,000 cyber incidents of all types annually. We help countless more clients with eDiscovery and litigation support (including expert witness services); managed detection and response services for both active threats and as an integral part of network security; notification solutions, including multilingual call center support; and proactive services, including general and threat-focused risk assessments, response planning, tabletop exercises and more.

Our experts are able to deliver best-in-class endpoint security through our managed detection and response solution, Kroll Responder. Responder handles every step, with 24x7 managed detection and response services fueled by threat hunting and superior incident response.