Security | Threat Detection | Cyberattacks | DevSecOps | Compliance



Kroll named as winner at Computing Security Awards 2022

We were recognised in all four of the categories we were shortlisted in: With penetration testing playing a key role in enabling organisations to understand and significantly reduce their cyber security risk, we are delighted that our CREST-accredited services have again been recognised by customers as a leading solution in the industry.


LOLBins: executing payloads through DNS records

In this blog post, we outline the research our Threat Intelligence team has undertaken into this new attack vector. A new LOLBins tactic for executing payloads through PowerShell was released by Alh4zr3d, a security researcher, on Twitter in September 2022. In the tweet, the security researcher recommended that organisations stay away from IEX and Invoke-WebRequest when using PowerShell commands and, as a substitute, host a text record with their payload on a domain.


Kroll CFO report reveals high cost of business overconfidence around cyber risk

Our new CFO cybersecurity survey, which surveyed 180 CFOs, CEOs and other financial executives worldwide, has highlighted the fact that Chief Financial Officers are very confident in their companies’ abilities to ward off cyber security incidents, despite being underinformed on the cyber risk their businesses face. Almost 87% of the surveyed executives expressed this confidence, yet 61% of them had suffered at least three significant cyber incidents in the previous 18 months.


Top 5 penetration testing methodologies

Penetration testing plays a key role in identifying and addressing vulnerabilities by simulating the behaviour of a potential attacker. A range of penetration testing methodologies have been developed to enable security professionals to achieve this safely and effectively. In this blog post, we discuss the leading pen testing methodologies, what they involve and the aspects they cover.