Joint Federal Advisory on Karakurt Data Extortion Group Technical Details

Context On June 1, 2022, the United States Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigations (FBI), the Treasury Department, and the Financial Crimes Enforcement Network released a joint advisory with technical details and indicators of compromise for the Karakurt data extortion group. Karakurt is an advanced persistent threat (APT) group focused…

Read More

Manage Your Cloud Vulnerabilities with an Identity and Access Management Strategy

Identity and access management (IAM) is a strategy for protecting critical information within your organization by limiting who is able to access privileged resources. With the rise of remote work and adoption of cloud-based work environments, identity can no longer be assumed based on location or device but must be verified by other authentication factors….

Read More

International Airline Service Interruptions

Context On May 25, 2022, multiple flights in India were grounded for several hours after the airline confirmed a ransomware attack on their internal systems that also disrupted their website functionality. On May 26, 2022, a small airline cancelled all flights leaving Gatwick in the United Kingdom from 1 to 3 p.m. BST due to…

Read More

Zero Trust Architecture for Cloud Vulnerability Management

A zero-trust approach to security, as the name implies, means that no user or application is inherently trusted. All access must be verified before permission is granted. A zero-trust approach relies on the principle of least privilege and microsegmentation of resources to limit access to just what is needed for the work being done. Behavior…

Read More

Cloud Compliance Standards and Security Frameworks

The cloud provides increased flexibility for businesses in today’s digital world, but the transition to cloud services has changed the nature of security. Old rules based on trusted on-premises perimeters are no longer relevant, and security teams must apply new standards to ensure compliance with data regulations and security best practices. This is where cloud…

Read More