» Blog

According to Gartner, approximately 85% of organizations will be embracing a cloud-first principle by 2025. Transitioning workloads to the cloud has offered businesses the flexibility they need to scale up and down with fluctuating demand and provide reliable access to resources for both employees and customers worldwide, but this expanded attack surface, free of a…

According to RH-ISAC’s 2021 CISO Benchmark Report, nearly 80% of CISOs anticipated a hybrid work environment in 2022. With the need for reliable access to company resources from any location, on any device, more and more companies are turning to the cloud for software-as-a-service offerings, as well as the infrastructure to host their data and…

Context On June 1, 2022, the United States Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigations (FBI), the Treasury Department, and the Financial Crimes Enforcement Network released a joint advisory with technical details and indicators of compromise for the Karakurt data extortion group. Karakurt is an advanced persistent threat (APT) group focused…

Context Microsoft has shared mitigation measures, which are included below, to block attacks exploiting the flaw, designated CVE-2022-30190, while a patch is being developed. Microsoft‘s entry for CVE-2022-30190 indicates it affects MSDT on all versions of Windows and Windows Server and has detected exploitation in the wild. The remote code execution vulnerability exists when Microsoft Support Diagnostic Tool (MSDT) is called using the…

Identity and access management (IAM) is a strategy for protecting critical information within your organization by limiting who is able to access privileged resources. With the rise of remote work and adoption of cloud-based work environments, identity can no longer be assumed based on location or device but must be verified by other authentication factors….