The vast majority of cyberattacks are executed for financial gain, and that means that any organization, regardless of size, industry, or current in-house capabilities, can become a victim of cybercrime. Educational organizations are a particularly attractive target for cybercriminals, especially from phishing and ransomware attacks, due to their valuable personal ... Read More

Every organization has its own combination of cyber risks, including endpoints, internet-connected devices, apps, employees, third-party vendors, and more. Year after year, the risks continue to grow more complex and new threats emerge as threat actors become more sophisticated and the use of artificial intelligence aids their efforts. There’s not ... Read More

Over the past few years, cyberattacks have increased in number and complexity, and the cost to recover from an incident has increased as well. The average cost for a company to recover from a ransomware attack is $1.82 million, according to Sophos Guide to Cyber Insurance, 2023. That’s a substantial ... Read More

Every month, the Pondurance team hosts a webinar to keep clients current on the state of cybersecurity. In February, the team discussed notable vulnerabilities and trends, took a deep dive into domain controller synchronization (DCSync) attacks, reviewed threat hunting trends, and offered security operations center (SOC) engineering insights. Notable Vulnerabilities ... Read More

Every month, the Pondurance team hosts a webinar to keep clients current on the state of cybersecurity. In January, the team discussed threat intelligence, notable vulnerabilities and trends, threat hunting trends, and the cyber threat landscape. Threat intelligence review To begin the webinar, the Senior Manager of Incident Response discussed ... Read More

Every month, the Pondurance team hosts a webinar to keep clients current on the state of cybersecurity. In December, the team discussed novel tactics, notable vulnerabilities, current trends, and data leaks. Novel Tactics To kick off the webinar, the Director of Incident Response discussed several novel tactics recently used by ... Read More

With more than 3 billion phishing emails received each day, employees are bound to make a mistake, clicking on a malicious link that could result in a cyberattack. The Cybersecurity and Infrastructure Security Agency (CISA) estimates that over 90% of successful cyberattacks are initiated by a phishing email. But what ... Read More

Every month, the Pondurance team hosts a webinar to keep clients current on the state of cybersecurity. In November, the team discussed notable vulnerabilities and trends, gave a crash course on security operations center (SOC) metrics, and provided insights on a recent SOC engineering exercise. Vulnerabilities and Trends The Vulnerability ... Read More

A data breach is a cyber incident that violates the sensitive, protected, or confidential data of an organization. The breach can be overt, such as a ransomware attack where a threat actor holds an organization’s data hostage until the organization pays the ransom demand, or covert, such as a malware ... Read More

Year after year, cyberattacks just keep coming. Today, ransomware is the primary threat from cybercriminals, particularly in the healthcare, government facilities, and critical manufacturing industries. The average ransom payment nearly doubled from $812,000 in 2022 to over $1.54 million in 2023, according to Sophos’ report The State of Ransomware 2023 ... Read More