|
By Kroll
As cloud computing technologies are quickly have become mainstream due to the multitude of benefits that have transformed how we store, manage, and access data, the enterprise landscape is rapidly changing how they interact with data and applications. However, one of the overlooked and most misunderstood activities that must be performed to successfully leverage cloud computing technologies is the creation of a cloud computing security architecture.
|
By Kroll
In today's digital landscape, organizations are increasingly reliant on internet-facing applications to conduct business and engage with customers. However, many organizations are unaware of the full extent of their internet exposure. Can you secure your organization if you do not know which internet-facing applications you own? Not effectively.
|
By Kroll
Given the many laws, frameworks and industry best practices surrounding artificial intelligence (AI), it’s not surprising that lawyers, compliance professionals and others charged with AI governance and compliance are seeking a starting point for AI guidelines. A solid foundation is vital to building a program that satisfies the growing matrix of requirements while allowing companies to simplify and execute their programs amid growing complexity and change. The U.S.
|
By Kroll
Microsoft 365 (M365) has become the industry standard for business email platforms, allowing users access to a variety of interconnected productivity and communication applications. With data readily available across multiple applications within M365, threat actors are using a specific technique to exfiltrate data within a user’s M365 email account.
|
By Kroll
Microsoft 365 is the standard in modern enterprise environments, offering a robust suite of productivity and collaboration tools. With millions of users accessing sensitive data from various devices and locations, security vulnerabilities can arise, making it highly attractive for cybercriminals seeking to exploit and steal valuable data.
|
By Kroll
IDATLOADER (aka HIJACKLOADER, GHOSTPULSE) has become prevalent in 2024, using advanced and new techniques such as BPL Sideloading, which Kroll reported on in June. Kroll observes IDATLOADER distributing malware such as ASYNCRAT, PURESTEALER, REMCOS, STEALC and what some might describe as a recent epidemic in LUMMASTEALER infections.
|
By Kroll
Alongside an explosion in the popularity of large language models (LLMs) across many industries, there has also been an increase in the level of trust granted to these models. Whereas LLMs were once perceived as simple, friendly chatbots that could respond to basic questions or pull useful resources from the web based on user input, many have now been granted the ability to perform actions, anywhere from sending an email to deploying code. This is referred to as agency.
|
By Kroll
The Kroll Security Operations Center (SOC) has recently detected and remediated a trend of incidents that involved socially engineering a victim into pasting a PowerShell script into the “Run” command window to begin a compromise. These incidents have typically begun with the victim user attempting to find “YouTube to mp3” converters, or similar, then being redirected to the malicious webpages.
|
By Kroll
The legal and regulatory landscape is constantly evolving, continually intensifying the demands placed on organizations. As well as meeting the requirements of existing regulations such as the Payment Services Directive 2 (PSD2), companies must contend with the upcoming introduction of the Network and Information Security Directive or NIS2 (Directive (EU) 2022/2555) and the Digital Operational Resilience Act (DORA).
|
By Kroll
November 25 2024 Cyber Threat Intelligence Briefing This week’s briefing covers: Dive deeper: Playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.
|
By Kroll
Join Recruiter Insights APAC with Jason! In this video, Jason, a Kroll recruiter from APAC, shares essential tips for students on building a professional online presence. Learn how to make your LinkedIn profile shine, showcase your skills, and grow a network to start your career on the right foot. Explore career opportunities and start building your future at careers.kroll.com.
|
By Kroll
Cyber Threat Intelligence Briefings Social: Each week our cyber threat intelligence team reports on the latest trends they observe from the trenches.
|
By Kroll
The European Union’s (EU) new Digital Operational Resilience Act (DORA) is set to reshape how financial institutions handle their cybersecurity and operational risks. With enforcement from January 2025, DORA will impose a range of new standards and requirements. While there is an awareness of DORA in the marketplace, some firms do not fully understand its risks and consequences due to its broad scope. Similar to the introduction of the EU GDPR, many businesses might underestimate the effort needed to achieve compliance.
|
By Kroll
As per data published by the Office of the Australian Information Commissioner, the healthcare industry in Australia accounted for 22% of notifiable data breaches between January to June 2020, which was more than any other industry. Cybercriminals continue to target this industry due to the vast amounts of highly sensitive personal information (such as Medicare numbers, credit card information and medical insurance numbers) that is stored by healthcare providers.
- December 2024 (4)
- November 2024 (11)
- October 2024 (10)
- September 2024 (7)
- August 2024 (12)
- July 2024 (10)
- June 2024 (15)
- May 2024 (11)
- April 2024 (16)
- March 2024 (13)
- February 2024 (6)
- January 2024 (12)
- December 2023 (2)
- November 2023 (8)
- October 2023 (5)
- September 2023 (1)
- August 2023 (4)
- July 2023 (3)
- June 2023 (5)
- May 2023 (4)
- April 2023 (3)
- March 2023 (5)
- February 2023 (6)
- January 2023 (4)
- December 2022 (4)
- November 2022 (7)
- October 2022 (3)
- September 2022 (5)
- August 2022 (5)
- July 2022 (4)
- June 2022 (6)
- May 2022 (5)
- April 2022 (2)
- March 2022 (3)
- February 2022 (4)
- January 2022 (4)
- December 2021 (6)
- November 2021 (3)
- October 2021 (5)
- September 2021 (10)
- August 2021 (4)
- July 2021 (5)
- June 2021 (7)
- May 2021 (4)
- April 2021 (10)
- March 2021 (11)
- February 2021 (8)
- January 2021 (2)
Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency. We work with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber security, corporate finance, restructuring, legal and business solutions, data analytics and regulatory compliance. Our firm has nearly 5,000 professionals in 30 countries and territories around the world.
Kroll experts provide rapid response to more than 2,000 cyber incidents of all types annually. We help countless more clients with eDiscovery and litigation support (including expert witness services); managed detection and response services for both active threats and as an integral part of network security; notification solutions, including multilingual call center support; and proactive services, including general and threat-focused risk assessments, response planning, tabletop exercises and more.
Our experts are able to deliver best-in-class endpoint security through our managed detection and response solution, Kroll Responder. Responder handles every step, with 24x7 managed detection and response services fueled by threat hunting and superior incident response.