|
By Mark Nicholls
Attackers are increasingly targeting vulnerabilities within large language models (LLMs) used to recognise and generate text. In response to the growing risk, the recently launched OWASP Top 10 for LLMs covers the key vulnerabilities within these types of AI applications. Read our guide to learn more about the most critical vulnerabilities and how to reduce AI security risks.
|
By Mark Nicholls
From chatbots like ChatGPT to the large language models (LLMs) that power them, managing and mitigating potential AI vulnerabilities is an increasingly important aspect of effective cybersecurity. Kroll’s new AI insights hub explores some of the key AI security challenges informed by our expertise in helping businesses of all sizes, in a wide range of sectors. Some of the topics covered on the Kroll AI insights hub are outlined below.
|
By The Redscan Team
CREST accreditation is a good place to start – a ‘stamp of approval’ for a high-quality penetration test. But what does it mean to be CREST-approved, and what differentiates CREST penetration testing from other assessments? Read on to find out.
|
By Mark Nicholls
In Q1 2024, Kroll observed SMS and voice-based tactics being used in phishing attacks, raising concern around the potential for deep fakes and AI technologies to further enhance the effectiveness of phishing attacks. Linked to this, one insider threat case investigated by Kroll in Q1 saw employee impersonation take place, another area in which AI-related technology could be especially impactful.
|
By Mark Nicholls
In this blog post, we provide an in-depth insight into the role of SOC services, how they work, and their benefits and potential challenges.
|
By The Redscan Team
Relying on technology alone, however advanced, can be a critical error. While top end security technologies can provide part of the answer, the sheer number of alerts generated demands constant attention. Without the right resources to analyse and manage these outputs, critical alerts may end up being ignored – a constant thorn in the side of many organisations.
|
By Mark Nicholls
From email compromise to malware, the healthcare sector is impacted not only by familiar and persistent challenges but also with newly emerging security threats. Drawing on insights from the recent Kroll report, The State of Cyber Defense: Diagnosing Cyber Threats in Healthcare, this article outlines the key threats affecting organisations such as hospitals, health trusts, GP practices and other healthcare bodies.
|
By Mark Nicholls
Cyber incident response offers a structured approach to respond to, manage and mitigate security incidents in order to limit the potential disruption of attacks. In this blog, we discuss how small and medium-sized businesses (SMBs) are being impacted by cyber threats, what cyber incident response involves and the steps you can take to protect your business.
|
By Mark Nicholls
While the top concern for healthcare cybersecurity professionals is credential access, the Kroll Threat Intelligence team finds that the healthcare industry is consistently targeted by ransomware groups using a combination of valid credential theft and the exploitation of vulnerabilities. These and other insights are discussed in the new Kroll report, The State of Cyber Defense: Diagnosing Cyber Threats in Healthcare.
|
By Mark Nicholls
To help secure sensitive data, emails that include health and care information sent to and from health and social care organisations are required to meet the Secure Email Standard (DCB1596). In this article, we discuss the standard, what it covers, and how to ensure your organisation fully meets its requirements.
|
By Redscan
Protecting against Windows vulnerabilities: the top risks you should know about.This webinar was delivered in February 2020 by Jed Kafetz, Senior Offensive Security Consultant at Redscan.
|
By Redscan
Ian Glover from CREST outlines the benefits of engaging ethical hacking providers and some of the challenges involved.
|
By Redscan
Jake Davis, Security Consultant and former Lulzsec hacker, discusses the role of ethical hacking, what changes he has seen in the industry and what lies ahead.
|
By Redscan
Lauri Love, Security Consultant and British hacktivist, discusses the mindset of a hacker, what changes he is seeing in hacking, and what the trends and challenges are for ethical hacking.
|
By Redscan
Mark Nicholls, CTO at Redscan, explains the benefits for organisations of using ethical hacking, the challenges involved and what 2020 will hold.
|
By Redscan
Raef Meeuwisse, Author and ISACA Speaker, explains why some organisations are resistant to ethical hacking, but why they would benefit from it.
|
By Redscan
Redscan CTO, Mark Nicholls, explains why Redscan decided to bring together a number of industry experts to consider the state of the industry and examine current risks, challenges and trends.
|
By Redscan
Giles Ashton-Roberts from FirstGroup outlines the benefits of engaging ethical hacking providers and some of the challenges involved.
|
By Redscan
Redscan decided to bring together a number of industry experts to consider the state of the ethical hacking industry and examine current risks, challenges and trends in 2020 and beyond.
- July 2024 (1)
- June 2024 (3)
- May 2024 (3)
- April 2024 (3)
- March 2024 (3)
- February 2024 (3)
- January 2024 (1)
- December 2023 (3)
- November 2023 (2)
- October 2023 (2)
- September 2023 (2)
- August 2023 (1)
- July 2023 (2)
- June 2023 (3)
- May 2023 (4)
- April 2023 (3)
- March 2023 (2)
- February 2023 (3)
- January 2023 (1)
- December 2022 (1)
- October 2022 (2)
- September 2022 (1)
- August 2022 (2)
- July 2022 (4)
- June 2022 (3)
- May 2022 (5)
- April 2022 (4)
- March 2022 (2)
- February 2022 (3)
- January 2022 (3)
- December 2021 (4)
- November 2021 (3)
- October 2021 (5)
- September 2021 (2)
- August 2021 (3)
- July 2021 (5)
- June 2021 (4)
- May 2021 (1)
- April 2021 (3)
- March 2021 (3)
- February 2021 (2)
- January 2021 (5)
- December 2020 (5)
- November 2020 (4)
- October 2020 (3)
- September 2020 (5)
- August 2020 (2)
- July 2020 (5)
- June 2020 (3)
- May 2020 (2)
- April 2020 (1)
- March 2020 (1)
- February 2020 (4)
- January 2020 (14)
- December 2019 (3)
Redscan is an award-winning provider of managed security services, specialising in Managed Detection and Response, Penetration Testing and Red Teaming.
Possessing a deep knowledge of offensive security, Redscan's experts are among the most qualified in the industry, working as an extension of clients' in-house resources to expose and address vulnerabilities plus swiftly identify, contain and shut down breaches.
By understanding how attackers operate and leveraging cutting-edge tools and threat intelligence, Redscan's cyber security professionals can be trusted to provide the insight and support needed to successfully mitigate information security risk and achieve compliance standards.
Redscan is now part of Kroll, the world's premier provider of services and digital products related to governance, risk and transparency.