|
By Kroll
When it comes to security, 2024 was unfortunately a standout year for the healthcare sector. Kroll found that the healthcare industry was the most breached, had fairly immature incident response practices, and unfortunately suffered numerous cyberattacks culminating in a year that left healthcare boards thinking deeply of the overall risk to their businesses.
|
By Kroll
The deadline for European Union member states to pass the new EU NIS2 regulation into national law was October 17, 2024, yet only a few countries have transposed it into law, leaving others lagging behind, with regulations in draft or public consultation phases, or not at all. In the absence of certainty for firms (or what NIS2 calls entities), confusion is understandable, but steps can be currently taken considering what we already know.
|
By Kroll
The European Union’s (EU) AI Act (the Act) represents landmark artificial intelligence (AI) regulation from the EU designed to promote trustworthy AI by focusing on the impacts on people through required mitigation of potential risks to health, safety and fundamental rights. The Act introduces a comprehensive and often complex framework for the development, deployment and use of AI systems, impacting a wide range of businesses across the globe.
|
By Kroll
Note: These vulnerabilities remain under active exploitation and Kroll experts are investigating. If further details are uncovered by our team, updates will be made to the Kroll Cyber Risk blog. A critical authentication bypass vulnerability (CWE-288) affecting FortiOS and FortiProxy (FG-IR-24-535) allows remote attackers to obtain super admin privileges via Node.js WebSocket traffic.
|
By Kroll
For many organizations, their online presence is not only critical to their commercial success but a key element of how they manage public perception. Yet from typosquatting to domain hijacking, authentic business websites are at significant risk of exploitation, with serious potential consequences. Domain monitoring enables organizations to defend against these types of threats by identifying potential issues early and taking effective action to mitigate the risks.
|
By Kroll
Ivanti has disclosed vulnerabilities affecting Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS) and Ivanti Neurons for Zero Trust Access (ZTA) Gateways. According to Ivanti, CVE-2025-0282 has been exploited on a limited number of ICS appliances. There are no confirmed reports of exploitation for Ivanti Policy Secure or ZTA Gateways. There is no indication that CVE-2025-0283 is actively exploited or chained.
|
By Kroll
The software development life cycle (SDLC) process continues to present significant security risks to organizations and their customers. By proactively integrating security at the heart of application development, DevSecOps transforms how businesses identify and manage potential vulnerabilities when developing software.
|
By Kroll
Chances are, your business is already operating in the cloud. The rewards of moving into the cloud are undeniable - organizations can build and launch new services and add computing capacity more easily than on premises in a more cost-effective manner. The cloud is indispensable for growing at the speed of the market.
|
By Kroll
As cloud computing technologies are quickly have become mainstream due to the multitude of benefits that have transformed how we store, manage, and access data, the enterprise landscape is rapidly changing how they interact with data and applications. However, one of the overlooked and most misunderstood activities that must be performed to successfully leverage cloud computing technologies is the creation of a cloud computing security architecture.
|
By Kroll
February 18, 2025 Cyber Threat Intelligence Briefing This week’s briefing covers: CL0P Update CL0P updated their data leak site with a new victim list of approximately 43 organizations. The organizations are likely from the previous redacted list containing company names from C-E and are possibly associated with the Cleo zero-day vulnerability.
|
By Kroll
This week’s briefing covers: CL0P Update CL0P has released an additional list of 50 possible Cleo victims. The list is similar to its previous tactics of redacting the company names before fully disclosing each organization. 7-Zip Mark-of-the-Web Bypass Vulnerability CVE-2025-0411 actively exploited in Ukraine.
|
By Kroll
This week’s briefing covers: KTA080 (CL0P) Update Around January 28, 2025, KTA080 (CL0P) updated its data leak site with a new victim list of approximately 49 organizations. The organizations are likely from the previous redacted list that was reported on listings and are possibly associated with the Cleo zero-day vulnerability, but cannot be confirmed since the group does not indicate it in their post.
|
By Kroll
This week’s briefing covers: CL0P Update The group’s post reads as follows, "DEAR COMPANIES THIS IS THE NEXT LIST WHICH WE HAVE CLOSED FOR THE TIME BEING AND DO NOT SHOW THE NAMES IN FULL IF YOU DO NOT GET IN TOUCH ASAP THE LIST WILL BE OPEN” and continues with the listed victim organizations and ways for the companies to contact the group.
|
By Kroll
This week’s briefing covers: Kroll Out of Band Published - FortiOS and FortiProxy Kroll Threat Intelligence has published an out of band report on CVE-2024-55591 affecting FortiOS and FortiProxy. The vulnerability has a CVSS score of 9.8 and has been exploited in the wild.
|
By Kroll
January 13, 2025 Cyber Threat Intelligence Briefing This week’s briefing covers: MORPHEUS Ransomware emerged around the beginning of 2025 with the discovery of its data leak site and initial victim postings.
|
By Kroll
This week’s briefing covers: IntelBroker Claims to Leak South Korean Ministry of Environment Source Code.
|
By Kroll
November 25 2024 Cyber Threat Intelligence Briefing This week’s briefing covers: Dive deeper: Playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.
|
By Kroll
Join Recruiter Insights APAC with Jason! In this video, Jason, a Kroll recruiter from APAC, shares essential tips for students on building a professional online presence. Learn how to make your LinkedIn profile shine, showcase your skills, and grow a network to start your career on the right foot. Explore career opportunities and start building your future at careers.kroll.com.
|
By Kroll
As per data published by the Office of the Australian Information Commissioner, the healthcare industry in Australia accounted for 22% of notifiable data breaches between January to June 2020, which was more than any other industry. Cybercriminals continue to target this industry due to the vast amounts of highly sensitive personal information (such as Medicare numbers, credit card information and medical insurance numbers) that is stored by healthcare providers.
- February 2025 (6)
- January 2025 (8)
- December 2024 (5)
- November 2024 (11)
- October 2024 (10)
- September 2024 (7)
- August 2024 (12)
- July 2024 (10)
- June 2024 (15)
- May 2024 (11)
- April 2024 (16)
- March 2024 (13)
- February 2024 (6)
- January 2024 (12)
- December 2023 (2)
- November 2023 (8)
- October 2023 (5)
- September 2023 (1)
- August 2023 (4)
- July 2023 (3)
- June 2023 (5)
- May 2023 (4)
- April 2023 (3)
- March 2023 (5)
- February 2023 (6)
- January 2023 (4)
- December 2022 (4)
- November 2022 (7)
- October 2022 (3)
- September 2022 (4)
- August 2022 (5)
- July 2022 (4)
- June 2022 (6)
- May 2022 (5)
- April 2022 (2)
- March 2022 (3)
- February 2022 (4)
- January 2022 (4)
- December 2021 (6)
- November 2021 (3)
- October 2021 (5)
- September 2021 (10)
- August 2021 (4)
- July 2021 (5)
- June 2021 (7)
- May 2021 (4)
- April 2021 (10)
- March 2021 (11)
- February 2021 (8)
- January 2021 (2)
Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency. We work with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber security, corporate finance, restructuring, legal and business solutions, data analytics and regulatory compliance. Our firm has nearly 5,000 professionals in 30 countries and territories around the world.
Kroll experts provide rapid response to more than 2,000 cyber incidents of all types annually. We help countless more clients with eDiscovery and litigation support (including expert witness services); managed detection and response services for both active threats and as an integral part of network security; notification solutions, including multilingual call center support; and proactive services, including general and threat-focused risk assessments, response planning, tabletop exercises and more.
Our experts are able to deliver best-in-class endpoint security through our managed detection and response solution, Kroll Responder. Responder handles every step, with 24x7 managed detection and response services fueled by threat hunting and superior incident response.