Kroll

New York, NY, USA
1932
  |  By Kroll
Learn about careers with us and search open job opportunities here. As one of the largest housing associations in the UK, Southern Housing was concerned about being targeted due to a sharp increase in cyberattacks on its industry. The organization also needed to broaden its defenses in response to the shift to remote and hybrid working.
  |  By Kroll
In cybersecurity, current approaches don’t stay current for long. Organizations that fail to adapt accordingly often discover this fact at the cost of their secure network. This is particularly true in the face of complex and increasingly unpatchable attack surfaces and a corresponding reduction in the impact of automated remediation practices. Traditional security approaches are unable to fully address these challenges.
  |  By Kroll
Kroll observed the use of SPARKRAT in conjunction with a previously undocumented loader written in Golang. The loader assists in the initial infection and deployment of the malicious payload, enabling SPARKRAT to execute on a system. This process allows the payload to reach the target system undetected and unquarantined. The loader achieves its goal by decoding and decrypting a secondary payload binary, then injecting it into a notepad.exe instance.
  |  By Kroll
Two critical vulnerabilities have been discovered and patched in TeamCity, a build management and continuous integration server from JetBrains. These vulnerabilities are being tracked as CVE-2024-27198 and CVE-2024-27199 and impact all TeamCity On-Premises versions through 2023.11.3. They are reportedly being actively exploited as of March 6, 2024, with a fix is available in version 2023.11.4, which was released Monday, March 4.
  |  By Kroll
Many organizations focus on addressing the risks within their internal attack surface while overlooking the potential threats created by their external digital footprint on the surface, deep and dark web. This article outlines how companies can significantly mitigate this risk by combining digital risk protection with their detection and response approach.
  |  By Kroll
Managed XDR (MXDR) is a service-led security solution that uses a wide range of telemetry sources to better unify and automate incident investigation, analysis, and response. Extended Detection and Response (XDR) is the technology at the heart of MXDR. It is a security platform that unifies telemetry across multiple security layers, such as networks, endpoints, applications, email, identities, and cloud services, into a single platform.
  |  By Kroll
Professionals in the cybersecurity industry have much to consider regarding the various approaches and types of tooling required to keep their organizations secure. There are significant known cybersecurity threats and a constant danger of new “zero-day” vulnerabilities. One comprehensive strategy growing in popularity for mitigating the associated risks generated by these threats and vulnerabilities is Attack Surface Management (ASM).
  |  By Kroll
The Kroll CTI team observed a campaign using a new malware that appears to be very similar to BABYSHARK, previously reported to have been developed and used by the APT group Kimsuky (KTA082). The malware was deployed as part of an attempted compromise that was detected and stopped by the Kroll Responder team. The activity started with exploitation of a recently addressed authentication bypass in the remote desktop software ScreenConnect, developed by ConnectWise.
  |  By Kroll
In 2022, Gartner coined the term and concept of continuous threat exposure management (CTEM) — a five-stage approach that continuously exposes an organization’s networks, systems, and assets to simulated attacks to identify vulnerabilities and weaknesses.
  |  By Kroll
Kroll’s Q4 analysis shows ransomware groups increasingly gaining initial access through external remote services. The quarter presented a complex security landscape with a mix of both positive and negative trends: positively, activity associated with larger ransomware-as-a-service (RaaS) operations, like LOCKBIT and BLACKCAT, declined.
  |  By Kroll
This weeks' briefing covers: Dive deeper: playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.
  |  By Kroll
This weeks' briefing covers: Dive deeper: playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.
  |  By Kroll
Seeking to bolster its operational resilience, a UK bank was on the hunt for a partner to enhance their threat visibility throughout its environment, assuming the responsibility of monitoring key infrastructure and assets around the clock. In fast-moving threat landscape where security alerts can quickly multiply, Kroll's Managed Detection and Response (MDR) service, Kroll Responder, cuts through the noise. Learn how we helped our client improve cyber resilience by significantly reducing false positives, thus improving operational efficiency and security effectiveness.
  |  By Kroll
This weeks' briefing covers: Dive deeper: playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.
  |  By Kroll
In the fast-paced world of asset management, security visibility and quick response to incidents are paramount, but building these capabilities in-house can be a challenge. Discover how our Kroll Responder MDR service helped a leading asset management firm identify and respond to security incidents faster and more effectively. Through an outcome-driven approach, Kroll offered the expertise and network and endpoint detection technologies to manage threats around-the-clock.
  |  By Kroll
This weeks' briefing covers: Dive deeper: Full playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.
  |  By Kroll
This weeks' briefing covers: Dive deeper: Full playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.
  |  By Kroll
Kroll implemented its managed detection and response solution, Kroll Responder, to ensure 24/7 threat management.
  |  By Kroll
This weeks' briefing covers: Dive deeper: Full playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.
  |  By Kroll
This weeks' briefing covers: Dive deeper.
  |  By Kroll
As per data published by the Office of the Australian Information Commissioner, the healthcare industry in Australia accounted for 22% of notifiable data breaches between January to June 2020, which was more than any other industry. Cybercriminals continue to target this industry due to the vast amounts of highly sensitive personal information (such as Medicare numbers, credit card information and medical insurance numbers) that is stored by healthcare providers.

Kroll is the world’s premier provider of services and digital products related to governance, risk and transparency. We work with clients across diverse sectors in the areas of valuation, expert services, investigations, cyber security, corporate finance, restructuring, legal and business solutions, data analytics and regulatory compliance. Our firm has nearly 5,000 professionals in 30 countries and territories around the world.

Kroll experts provide rapid response to more than 2,000 cyber incidents of all types annually. We help countless more clients with eDiscovery and litigation support (including expert witness services); managed detection and response services for both active threats and as an integral part of network security; notification solutions, including multilingual call center support; and proactive services, including general and threat-focused risk assessments, response planning, tabletop exercises and more.

Our experts are able to deliver best-in-class endpoint security through our managed detection and response solution, Kroll Responder. Responder handles every step, with 24x7 managed detection and response services fueled by threat hunting and superior incident response.