Business Security

2024 is poised to be a hotbed for new challenges in cybersecurity as the economic and political terrains continue to undergo digitization and enterprises increasingly leverage artificial intelligence and machine learning (AI/ML), the cloud, and Web3 technologies. While these innovations are expected to lend a hand to organizations, they also provide opportunities for cybercriminals by promising big returns, more streamlined operations on wider impact zones, and more targeted victims.

After the shutdown of its leak site in October, we look at how ransomware group Trigona operated during its period of activity and discuss how enterprises can fortify their defenses against similar threats.

As technologies continue to evolve and expand, organizations experience a technological paradox: Their increasing interconnectivity means that they simultaneously become more distributed. Case in point, robust cloud and networking technologies support today’s widespread adoption of hybrid and remote work arrangements, allowing employees all over the globe to work remotely full time or at least part of the time.

Kubernetes, also known as K8s, is a very complex open-source platform that requires detailed attention to security. Despite previous efforts to increase its security, Kubernetes remains insecure by default and requires different security tools to protect the cluster.

We examine the automotive data ecosystem and take a closer look at privacy and security concerns arising from how data is generated, consumed, and transmitted by connected vehicles.

In today’s rapidly evolving digital landscape, the risk of personal and professional data being stolen by nefarious actors looms larger than ever. This report lays bare the stark reality of this threat, with a specific focus on the unequal risks associated with data theft and its subsequent misuse.

This report explores the aspects and considerations required to properly perform threat modeling within a Kubernetes environment, a piece of technology that many organizations worldwide rely on and a leading container orchestration platform.

We discuss proof-of-concept rootkits and malware used by cybercriminals in conjunction with Berkeley Packet Filtering (BPF), a piece of technology that allows programs to execute code in the operating systems of popular cloud-computing platforms. We also show how to detect such threats.

In our research, we demonstrate how easy it is to discover insecure deployments of MQTT, how to identify customers of these insecure deployments, what data is being transmitted, and explore how an attacker can potentially misuse the data or abuse the insecurity of MQTT brokers.