How to Outsmart the DarkSide Ransomware Group

DarkSide Ransomware

The DarkSide Ransomware Group is one of the many gangs that continue to rebrand themselves while expanding to gain more intelligence in 2022. So, is there any way to outsmart these groups? It almost seems like a losing battle. However, a strong defence can be created within your organisation, but first, it’s important to start […]

“Cryptic Clouds” Hacker’s Compromise Google Cloud Accounts to Mine Cryptocurrency

Picture showing Google logo and a cloud

Threat actors are actively exploiting a misconfigured Google Cloud Platform (GCP) infrastructure to mine cryptocurrency. Google’s recent threat horizon report detailed that out of 50 recently compromised GCP instances, 86% were used for crypto mining. Statistics show that 48% of intrusions were the result of poor password hygiene and or insecure API configurations. However, 26% […]

Ransomware Threat Actors Turn to Target the Cloud

Ransomware threat actors

As expected, in Q2 this year, cyber criminals shifted their focus to cloud-based apps. A report by Netspoke revealed that 68% of all downloads with malware attached, were dispersed from cloud apps. Now that companies heavily rely on cloud-based services for connectivity and collaboration purposes to support working from home environments – attackers are turning […]

Hiring a Virtual CISO Verses a Full Time CISO Comparison

Virtual CISO

Most of us are aware that there is a huge gap of qualified cyber security talent available to hire. A study by the Center of Cyber Safety and Education identified that there may be close to 100,000 unfilled UK cyber security jobs by 2022. With this staggering statistic, it’s no wonder why many organisations battle […]

How Long Does SOC 2 Compliance Take and How Can You Get Certified?

how to get soc 2 compliance

It seems like a long project to reach SOC compliance, right? Well, not if you consider that SOC 2 compliance is a journey and not just a tick box certification. SOC 2 will enable you to embed processes and controls to improve security maturity – demonstrating the operating effectiveness of these controls. How long does […]

Risk & Compliance Predictions for 2021: A Not to Miss Webinar

If change is the only constant in cyber security, then what will the year ahead of us bring? How can we prepare for ever-evolving threats?   Register for the webinar: Risk & Compliance Predictions for 2021 The session will cover: The challenges of greater enforcement Ransomware and the next generation of threat vectors What boards […]

Breach Alert: SolarWinds Orion Network Backdoor Compromise

windows containers

Please be advised that SolarWinds has issued an urgent security advisory for their Orion Platform. It’s claimed that nation-state actors aggressively targeted at least two U.S. Government Agencies to include the US Department of Treasury and the National Telecommunications and Information Administration. Additionally, other global organisations in various industries ranging from telecoms, major retail chains […]

Risk Crew