Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Kroll Conversations: Meet the Cyber Strategy and Advisory Experts

In a fast-moving threat landscape, finding the answers to complex security challenges can be fraught with unknowns. Asking the right questions can make all the difference, as Steven Escobar and Ben Habing know well through their work in the Assessments and Advisory practice within Cyber and Data Resilience at Kroll.

Azure Monitor Agent Metrics Extension Vulnerability: From Engagement to CVE

This article was authored by Cristhian Parrot from the Kroll Offensive Security Team. Kroll’s Offensive Security Team recently discovered a new vulnerability within Microsoft’s Azure Monitor Agent Metrics Extension, which demonstrates how subtle configuration issues can introduce significant security risks in widely deployed infrastructure components.

The Deep Dive: Kroll's Analysis of the GARUDA C2 Malware

Kroll identified a cross-platform malware framework, dubbed GARUDA C2, that uses public code-hosting platforms like GitHub for staging, redundancy and command distribution across Windows, macOS and Linux. Analysis links the campaign to an India-based operator supported by Hindi-language development artifacts, build logs, infrastructure indicators and evidence suggesting use of a locally hosted large language model (LLM) to accelerate malware development.

Beyond Static Identity: Why Adaptive Behavioral Trust Is Now Essential

Enterprise security is confronting an identity problem that has outgrown the tools designed to contain it. For years, the operating model was straightforward, to authenticate users at the gate, grant access and monitor known risks. However, today AI is increasingly interwoven with business practices, making that model no longer fit for purpose.