third party compromise
MOVEit compromise affects pension systems, insurers
The compromise of PBI Research and The Berwyn Group’s MOVEit installation has resulted in the theft of data belonging to several pension systems and insurance companies …
LastPass breach: Hacker accessed corporate vault by compromising senior developer’s home PC
LastPass is, once again, telling customers about a security incident related to the August 2022 breach of its development environment and subsequent unauthorized access to the …
50% of organizations have indirect relationships with 200+ breached fourth-party vendors
98 percent of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years, according to SecurityScorecard and The …
GoTo now says customers’ backups have also been stolen
GoTo (formerly LogMeIn) has confirmed on Monday that attackers have stolen customers’ encrypted backups from a third-party cloud storage service related to its Central, …
Why chasing risk assessments will have you chasing your tail
Third-party risk assessments are often described as time-consuming, repetitive, overwhelming, and outdated. Think about it: organizations, on average, have over 5,000 third …
Your vendors are likely your biggest cybersecurity risk
As speed of business increases, more and more organizations are looking to either buy companies or outsource more services to gain market advantage. With organizations …
DigitalOcean customers affected by Mailchimp “security incident”
A recent attack targeting crypto-related users of Mailchimp has ended up affecting users of cloud infrastructure provider DigitalOcean, the latter company has announced on …
Why cyber security can’t just say “no“
There was a time, not long ago, when there were only so many ways of accomplishing an information technology task. Whether you were building a website, setting up a new …
Manage and monitor third-party identities to protect your organization
SecZetta shared a research that demonstrates a clear misalignment between the strategies organizations currently use and what is actually required to protect them from …
18% of the top 99 insurance carriers have a high susceptibility to ransomware
Black Kite released a report that examines rising cyber risk concerns and ransomware susceptibility in the insurance sector. The most notable takeaway: nearly 20% of the top …
Okta names contractor involved in Lapsus$ gang’s attack
Okta has released additional details about the security incident caused by the Lapsus$ gang, and has named the contractor involved: Sitel. What happened? “Like many SaaS …
Strengthening third-party vendor programs in times of crisis and beyond
The ongoing global turmoil has tested the supply chain across industries in a myriad of ways – from strained resources and remote workflows to security concerns and more. …