September 2022

How Your Healthcare Organization Can Achieve Cloud Cybersecurity and Compliance

Sep 30, 2022 By Arctic Wolf In Arctic Wolf

Healthcare leaders are embracing cloud technologies to connect information across the continuum of care, engage more patients, and unlock the potential of health data. While the cloud streamlines healthcare operations, it also presents challenges for organizations that must meet the stringent data security requirements of HIPAA and other security standards.

Read Post

Arctic Wolf

Read more about How Your Healthcare Organization Can Achieve Cloud Cybersecurity and Compliance

Microsoft Exchange On-Prem Zero-Day Vulnerabilities Exploited in the Wild

Sep 30, 2022 By Sule Tatar In Arctic Wolf

On Thursday, September 29th, 2022, GTSC–a Vietnam-based cybersecurity company–published a blog detailing intrusion they investigated that chained together two exploits for Microsoft Exchange zero-day vulnerabilities to achieve remote code execution (RCE). Technical details around how to exploit these vulnerabilities were not provided.

Read Post

Arctic Wolf

Read more about Microsoft Exchange On-Prem Zero-Day Vulnerabilities Exploited in the Wild

Cybersecurity Awareness Month: The Importance of Enabling MFA

Sep 29, 2022 By Nathan Caldwell In Arctic Wolf

Welcome to October, the spookiest month of the year! No, we’re not talking cute kids dressed as their favorite cartoon character on a mission to collect a mountain of candy. That’s a treat. We’re here to talk about the tricks, and how you can keep from falling for them. That’s right, it’s Cybersecurity Awareness Month!

Read Post

Arctic Wolf

Read more about Cybersecurity Awareness Month: The Importance of Enabling MFA

1H 2022 Incident Response Insights from Arctic Wolf Labs

Sep 29, 2022 By Arctic Wolf Labs In Arctic Wolf

Arctic Wolf Labs regularly collects and analyzes data and insights from the incident response activities of Arctic Wolf’s incident response business unit, Tetra Defense. These insights, as laid out in the charts and graphs in this blog, enhance the threat detection capabilities of the Arctic Wolf Security Operations Cloud, and are leveraged by Arctic Wolf’s community of partners.

Read Post

Arctic Wolf

Read more about 1H 2022 Incident Response Insights from Arctic Wolf Labs

What is a CISO? What They Do and How To Become One

Sep 27, 2022 By Arctic Wolf In Arctic Wolf

Ah, the CISO. In the past decade no job title has become more fashionable. At the same time, no job title has carried more of an air of mystery. What, exactly, is a CISO? What do they do? How do they do it? And how can you become one? Let’s find out.

Read Post

Arctic Wolf

Read more about What is a CISO? What They Do and How To Become One

CVE-2022-3236 - Remote Code Execution Vulnerability in Sophos Firewall

Sep 26, 2022 By Sule Tatar In Arctic Wolf

On Friday, September 23, 2022, Sophos disclosed a critical code injection vulnerability impacting Sophos Firewall. This vulnerability, assigned CVE-2022-3236, affects Sophos Firewall versions v19.0 MR1 (19.0.1) and older and could lead to remote code execution. In order for a threat actor to exploit this vulnerability, WAN access would need to be enabled for the Webadmin and User Portal consoles.

Read Post

Arctic Wolf

Read more about CVE-2022-3236 - Remote Code Execution Vulnerability in Sophos Firewall

16 Threat Intelligence Terms Everyone Should Know

Sep 23, 2022 By Sule Tatar In Arctic Wolf

Understanding the ins and outs of threat intelligence can be complicated for an organization. If your business is anything but cyber, it’s understandable to be overwhelmed by terms like ransomware, cryptocurrency, and DDoS attacks, especially in relation to your systems and assets. That’s okay.

Read Post

Arctic Wolf

Read more about 16 Threat Intelligence Terms Everyone Should Know

Insight Into The Strengthening America Cybersecurity Act

Sep 22, 2022 By Arctic Wolf In Arctic Wolf

Signed into law in March of 2022, the Strengthening American Cybersecurity Act (SACA) gives federal authorities an overview of all cyber attacks against critical infrastructure in the United States for the very first time. SACA has three parts: SACA comes at a time when governments are facing a significant paradigm shift.

Read Post

Arctic Wolf

Read more about Insight Into The Strengthening America Cybersecurity Act

What We Can Learn from the 'Prompt-bomb' Uber Hack

Sep 21, 2022 By Arctic Wolf In Arctic Wolf

It was the worst-case scenario for Uber, the popular ride-sharing app, when the company suffered a major data breach in early September. While the extent of the damage, and the data potentially stolen, is still being uncovered, the attack — and the methods used to execute it — can be examined and used to teach other organizations what (and what not) to do.

Read Post

Arctic Wolf

Read more about What We Can Learn from the 'Prompt-bomb' Uber Hack

What Happened in the Uber Breach? | Beyond the Breach

Sep 20, 2022 By Arctic Wolf In Arctic Wolf

Uber’s information systems were recently breached, and it appears it all started with a hacker targeting one employee. Get the full rundown of what happened in this episode of Beyond the Breach.

View Video

Arctic Wolf

Read more about What Happened in the Uber Breach? | Beyond the Breach

Initial Access Brokers: What They Are, How They Gain Access, and Who Uses Their Services

Sep 19, 2022 By Sule Tatar In Arctic Wolf

Imagine a burglar. They’ve spent large amounts of time researching their target — your house. They’ve perfected their infiltration techniques, found your weak points, learned your schedule, and know the best time to strike. They’ve shown up when you least expect it and jimmied open the lock on the back door. And now, rather than head inside and steal your valuables, they hold the door open for someone else.

Read Post

Arctic Wolf

Read more about Initial Access Brokers: What They Are, How They Gain Access, and Who Uses Their Services

Lorenz Ransomware Intrusion: Understanding Your Risk

Sep 14, 2022 By Arctic Wolf In Arctic Wolf

The Arctic Wolf Labs team recently investigated a Lorenz ransomware intrusion, which leveraged a Mitel MiVoice VOIP appliance vulnerability (CVE-2022-29499) for initial access and Microsoft’s BitLocker Drive Encryption for data encryption. Lorenz is a ransomware group that has been active since at least February 2021 and like many ransomware groups, performs double-extortion by exfiltrating data before encrypting systems. Over the last quarter, the group has primarily targeted small and medium businesses (SMBs) located in the United States, with outliers in China and Mexico.

View Video

Arctic Wolf

Read more about Lorenz Ransomware Intrusion: Understanding Your Risk

Chiseling In: Lorenz Ransomware Group Cracks MiVoice And Calls Back For Free

Sep 12, 2022 By Markus Neis, Ross Phillips, Steven Campbell, Teresa Whitmore, Alex Ammons, and Arctic Wolf Labs Team In Arctic Wolf

The Arctic Wolf Labs team recently investigated a Lorenz ransomware intrusion, which leveraged a Mitel MiVoice VoIP appliance vulnerability (CVE-2022-29499) for initial access and Microsoft’s BitLocker Drive Encryption for data encryption. Lorenz is a ransomware group that has been active since at least February 2021 and like many ransomware groups, performs double-extortion by exfiltrating data before encrypting systems.

Read Post

Arctic Wolf

Read more about Chiseling In: Lorenz Ransomware Group Cracks MiVoice And Calls Back For Free

A Security Leader's Guide to Leveraging MDR

Sep 10, 2022 By Arctic Wolf In Arctic Wolf

Each organization has its own unique attack surface, operating model, and risk tolerance. The challenge for CISOs (Chief Information Security Officers) and IT teams is how to keep business running smoothly, without interruption, while at the same time securing and protecting data. And, since every organization is different, no single strategy will work for everyone.

Read Post

Arctic Wolf

Read more about A Security Leader's Guide to Leveraging MDR

Car Dealerships: Dealers Must Bolster Data Security Under New FTC Rule

Sep 9, 2022 By Arctic Wolf In Arctic Wolf

The Federal Trade Commission has recently updated the 2003 Gramm-Leach-Bliley Act ‘Safeguards Rule’ to create new standards and procedures that will apply to auto dealerships and go into effect in December 2022. The Safeguards Rule outlines the standards required for the protection of consumer data. The new updates create stricter criteria and procedures that car dealers will need to implement, both to reduce the risk of a data breach and to better protect customer data.

Read Post

Arctic Wolf

Read more about Car Dealerships: Dealers Must Bolster Data Security Under New FTC Rule

The Top Cyber Attacks of August 2022

Sep 9, 2022 By Arctic Wolf In Arctic Wolf

Ransomware dominated the cybersecurity sphere yet again in August, with victims ranging from wealthy European nations to humble libraries to one of the most storied franchises in American sports. Also, people who send disgusting pranks via mail got some of their business put out on the street. What can we say, it was a weird month. Here are some of the breaches, hacks, and attacks that captured our attention in August 2022.

Read Post

Arctic Wolf

Read more about The Top Cyber Attacks of August 2022

vxIntel Joins Arctic Wolf to Boost Detection and Threat Intelligence

Sep 8, 2022 By Dan Schiappa In Arctic Wolf

I’m excited to announce that vxIntel, a leading provider of cyber threat intelligence has joined Arctic Wolf. vxIntel’s Malware Intelligence Platform currently analyzes over 500,000 files each day and over 10 terabytes of data each month from over 100 global data sources.

Read Post

Arctic Wolf

Read more about vxIntel Joins Arctic Wolf to Boost Detection and Threat Intelligence

Challenge Accepted Podcast - Finding Your First Job in Cybersecurity

Sep 6, 2022 By Arctic Wolf In Arctic Wolf

Security is a journey, not a destination. Every organization — no matter their size or age — should be constantly working to level up their cybersecurity. It’s the kind of process that can be continually reworked, reevaluated, and honed as organizations grow and evolve, and as the cyber threat landscape changes. The question, of course, is where to start?

Read Post

Arctic Wolf

Read more about Challenge Accepted Podcast - Finding Your First Job in Cybersecurity

Recent Phishing Attack Highlights How Hacks Are Changing

Sep 2, 2022 By Sule Tatar In Arctic Wolf

Hackers are getting smarter, and phishing is becoming more sophisticated. Most employees know that when an email comes in from a random address, rife with misspellings, and credentials or other private data demands, it’s absolutely a phishing scam. But what if, as an employee, you got a text to update your Okta credentials? What if the link took you to a domain that looked just like your Okta login?

Read Post

Arctic Wolf

Read more about Recent Phishing Attack Highlights How Hacks Are Changing

The Importance of Physical Security | Arctic Wolf

Sep 2, 2022 By Arctic Wolf In Arctic Wolf

Physical security breaches by social engineers can be catastrophic for your organization's data. Join Special Agent Cipher to learn about the types of social engineering tactics used by bad actors, along with strategies to keep your organization out of harm's way.

View Video

Arctic Wolf

Read more about The Importance of Physical Security | Arctic Wolf

This Old Hack: Phishing

Sep 2, 2022 By Arctic Wolf In Arctic Wolf

In this episode of This Old Hack, a bad actor writes in for help on how to improve their phishing game after not being able to get through filters anymore. Luckily for them, the Old Hack has some answers. Learn about the latest tactics hackers are using to successfully create convincing looking phishing emails.

View Video

Arctic Wolf

Read more about This Old Hack: Phishing

How Zero-Days Work And Why They Aren't Going Away Anytime Soon

Sep 1, 2022 By Dan Schiappa In Arctic Wolf

Few security exploits are the source of more sleepless nights for security professionals than zero-day attacks. Just over Memorial Day weekend, researchers discovered a new vulnerability enabling hackers to achieve remote code execution within Microsoft Office. Dubbing the evolving threat the Follina exploit, researchers say all versions of Office are at risk.

Read Post

Arctic Wolf

Read more about How Zero-Days Work And Why They Aren't Going Away Anytime Soon

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2022

How Your Healthcare Organization Can Achieve Cloud Cybersecurity and Compliance

Microsoft Exchange On-Prem Zero-Day Vulnerabilities Exploited in the Wild

Cybersecurity Awareness Month: The Importance of Enabling MFA

1H 2022 Incident Response Insights from Arctic Wolf Labs

What is a CISO? What They Do and How To Become One

CVE-2022-3236 - Remote Code Execution Vulnerability in Sophos Firewall

16 Threat Intelligence Terms Everyone Should Know

Insight Into The Strengthening America Cybersecurity Act

What We Can Learn from the 'Prompt-bomb' Uber Hack

What Happened in the Uber Breach? | Beyond the Breach

Initial Access Brokers: What They Are, How They Gain Access, and Who Uses Their Services

Lorenz Ransomware Intrusion: Understanding Your Risk

Chiseling In: Lorenz Ransomware Group Cracks MiVoice And Calls Back For Free

A Security Leader's Guide to Leveraging MDR

Car Dealerships: Dealers Must Bolster Data Security Under New FTC Rule

The Top Cyber Attacks of August 2022

vxIntel Joins Arctic Wolf to Boost Detection and Threat Intelligence

Challenge Accepted Podcast - Finding Your First Job in Cybersecurity

Recent Phishing Attack Highlights How Hacks Are Changing

The Importance of Physical Security | Arctic Wolf

This Old Hack: Phishing

How Zero-Days Work And Why They Aren't Going Away Anytime Soon

Monthly Archive

Follow Us