Huntress has completed a Series C round to expand beyond the endpoint protection market and bring managed security to identity and cloud. Hackers are increasingly going after employee accounts at SMBs and using the compromised identity to move into other systems via SSO, CEO Kyle Hanslovan said.
The purchase of promising early-stage startup Laminar by a large tech vendor would match many M&A deals seen in 2023. The downturn has made it tough for small startups to raise additional funding at an increased valuation, while the push for profitability has left big firms open to only tuck-in M&A.
Gamification in cybersecurity can bring great potential business value to many organizations, but security teams need to dispel some misconceptions. In the first place, it’s not a game that takes employees away from their jobs, said Joe Carson, chief security scientist and advisory CISO at Delinea.
Warning to criminals: Could that cybercrime service you're about to access really be a sting by law enforcement agents who are waiting to identify and arrest you? That's the message from British law enforcement agents, who say they're running multiple DDoS-for-hire sites as criminal honeypots.
Identity verification and e-signature firm OneSpan is working with investment bank Evercore on a sale process that could attract interest from other businesses and private equity firms, Reuters reported. This follows five publicly traded cyber vendors agreeing to go private since the start of 2022.
With signs pointing to a global economic downturn, cybersecurity organizations are already thinking about managing budgets and doing more than less. Four CISOs share a wide range of belt-tightening tips, from putting the squeeze on your vendors and suppliers to training and hiring from within.
A lack of visibility makes it nearly impossible to protect an organization against attack. If you can't see what's lurking in the dark corners of your environment, all you can do is react instead of actively identifying and mitigating risks. But some technologies can help with threat visibility.
Cybercrime experts have long urged victims to never pay a ransom in return for any promise an attacker makes to delete stolen data. That's because, as a recent case highlights, whatever extortionists might promise, stolen personal data is lucrative, and it often gets sold six ways from Sunday.
The LockBit group has gone from denying it had any involvement in the ransomware attack on Britain's Royal Mail to trying to bargain for a ransom. The ransomware group's site now lists Royal Mail as a victim and demands it pay a ransom or see stolen data get dumped.
Criminals lately have been prioritizing two types of attacks: exploiting Remote Desktop Protocol and penetrating cloud databases. So warns cyber insurer Coalition, based on analyzing in-the-wild attacks seen in 2022 via underwriting and claims data, scans of IP addresses and honeypots.
Nation-state attackers are not just looking for major vulnerabilities to gain control of the enterprise. They are exploiting minor flaws to gain access and increase the severity of their attacks, says Matanda Doss, executive director of cybersecurity and technology controls at JPMorgan Chase.
The total amount of ransom payments being sent by victims to ransomware groups appears to have taken a big dip, declining by 40% from $766 million in 2021 to $457 million in 2022 due to victims simply being unwilling to pay, blockchain intelligence firm Chainalysis reports.