
April 2023

Consider This: Login Credentials

Login credentials are of great value to cybercriminals, which is why they have a lot of tricks, tactics, and techniques for obtaining user names and passwords. In this episode of "Consider This," we hear a story of a legitimate-looking email leading to a co-worker's world being turned upside down. Learn more about how to engage and prepare employees to recognize and neutralize social engineering attacks with Arctic Wolf's Managed Security Awareness.

Why Cloud Telemetry Matters

The cloud is king. 94% of organizations rely on the public cloud in some capacity, and 84% have a “multi-cloud” strategy. The rise of hybrid and remote work, the proliferation of software-as-a-service (SaaS) and Internet of Things (IoT) devices, and the general digitization of once analog industries have turned the cloud into a “must-have,” especially with its pricing, space, and ability to be accessed from anywhere. But with new technologies come new threats.

The 9 Cybersecurity Questions Every C-Suite Needs to Ask

As cyber threats continue to evolve and the attack surface continues to expand, the risk of a breach becomes a matter of when, not if. With migration to the cloud accelerating along with a shift to hybrid work and a surge of new IoT devices at play in every industry, it’s time for organizations to shift the way they view cybersecurity. It is no longer enough to play defense, hoping you can thwart an attack and contain the damage when it comes.

Why Ransomware and Business Email Compromise Remain Top Attack Types

The continued increase in cybercrime and breach attempts is not a new trend. For years now, the percentages have ticked upwards, and though cybersecurity has evolved, so have hackers seeking data, money, or infamy. While the initial attack vectors can be myriad — vulnerability exploits, misconfigurations, and credential theft to name a few — there are two tactics that stand tall above the rest: Ransomware and business email compromise (BEC).

How to Cope with the Growing Cybersecurity Skills Gap

As the threat landscape continues to evolve and cybercriminals grow in sophistication, security teams are tasked with bolstering their cybersecurity controls, expertise, and solutions. However, doing all of that in-house has become more difficult due to the ongoing security skills shortage. There’s just not enough talent to go around — and that’s not expected to change anytime soon. The industry is trying to attract new talent.

Critical Remote Code Execution Vulnerability in VMware Aria Operations for Logs: CVE-2023-20864

On Thursday, April 20, 2023, VMware disclosed a critical deserialization vulnerability (CVE-2023-20864) in VMware Aria Operations for Logs—formerly known as vRealize Log Insight—that could result in unauthenticated remote code execution (RCE) as root. The vulnerability was responsibly disclosed to VMware through the Zero Day Initiative and has not been actively exploited in campaigns. Furthermore, we have not identified a public proof of concept (PoC) exploit for CVE-2023-20864.

CVE-2023-27350: Exploitation of Critical RCE Vulnerability in PaperCut Print Management Server

On April 19, 2023, PaperCut confirmed print management servers vulnerable to a critical remote code execution vulnerability (CVE-2023-27350: CVSS 9.8) are being actively exploited by threat actors. CVE-2023-27350 could allow unauthenticated threat actors to bypass authentication and execute arbitrary code in the context of SYSTEM on a PaperCut Application Server. Zero Day Initiative responsibly disclosed the vulnerability to PaperCut on January 10, 2023; PaperCut released a patch on March 8, 2023.

Holistic Visibility: The Importance of Log Sources and Ingestion

“You can’t secure what you can’t see,” goes the saying in cybersecurity. That’s why holistic visibility is so crucial for organizations tasked with staying safe in the evolving threat landscape, as it gives you full visibility into your environment. But there’s another adage that matters even more, because without access to log sources and the proper ingestion of their data, you can’t see the forest for the trees. But what are log sources? What does proper ingestion look like?

How Financial Services Organizations Can Achieve Compliance and Reduce Cyber Risk

The financial services industry is undergoing a sea change in how it does business. Today their customers expect 24×7 access, self-service convenience, apps that eliminate the need to visit brick-and-mortar locations, and always-available customer service accessed via phone, email, and the internet. Making things even more challenging, financial sector leaders are embracing cloud technologies to save costs, support real-time analysis, and offer more personalized customer experiences.

How Social Engineers Collect Data to Build an Attack

Social engineers may not appear to be sophisticated, but they often methodically research and collect data on their targets. Don't fall for their tricks. In this video, learn how social engineers gather information, how they can impersonate you, and tips for how to stay safe from their tactics. Learn more about how to engage and prepare employees to recognize and neutralize social engineering attacks with Arctic Wolf's Managed Security Awareness.

Security Training Shouldn't Be A Stress Test

A lengthy, stressful test is what comes to mind when most people hear the acronym “SAT.” But the other “SAT” — a security awareness training, or SAT, program — can also embody those qualities if it’s not managed correctly, and cause just as many headaches for an organization fighting to mitigate phishing attacks and social engineering scams.

Exploring Endpoint Telemetry: Discovering Its Strengths and Limitations

The attack surface is bigger than ever before, and it’s only going to keep growing. As the hybrid work model puts endpoints in employee homes, IoT devices grow in number and complexity, and the very definition of endpoint itself evolves, the task of seeing into and securing all endpoints in an organization’s environment has grown into a colossal task for already overworked and overtaxed IT teams.

Why You Need Continuous Network Monitoring

It’s not news that organizations’ networks are increasing in complexity. The rise of hybrid work, the proliferation of the cloud, and the increased use of IoT devices have pushed networks far outside the server room — and even the four walls of the office — into a digital-first realm. While these changes have increased efficiency, scalability, and how operations work in the modern age, they’ve also created new avenues for cybercriminals to launch an attack.

Australia Set to Reform Cybersecurity Rules

Australia is leading the way when it comes to improving overall cybersecurity for the country. The government recently announced the Australian Cyber Security Strategy aimed at improving IT infrastructure to maintain a high level of security for agencies, businesses, and users. Their goal is to create the most cyber secure nation in 2023.

Arctic Wolf Recognized as Top MDR Solution by G2

It’s good to be on top. G2 has recognized Arctic Wolf® Managed Detection and Response (MDR) as the top overall MDR solution. As the leader in security operations, we help thousands of organizations across industries and around the globe end cyber risk through 24×7 monitoring that helps organizations detect, respond, and recover from modern cyber attacks. It’s an honor to be recognized by G2.

Is Your AI Fast Enough?

Artificial intelligence has arguably overstayed its welcome as a buzzword in the technology realm, leading to debates around the efficacy of the tool and definition of the term for the better part of two decades. But in the world of cybersecurity, businesses are just beginning to reap the benefits of advanced machine learning models that can actually keep up with ever-changing threats from cybercriminals with nothing but time on their hands to break algorithm-based defenses.

5 Reasons the Healthcare Industry is Prone to Breaches

In 2022, the healthcare industry set a record no one will be eager to break. According to IBM’s 2022 Cost of a Data Breach report, the average cost of a breach in healthcare climbed to $10.1 million, making it the industry with the highest average breach cost for 12 years running. Meanwhile, 57% of organizations are planning to increase their cybersecurity budgets in 2023.

The Top Cyber Attacks of March 2023

What do public school students, BMW dealers, Canadian defense engineers, and the world’s richest human have in common? They all fell victim to some manner of cybercrime during March. We’ve seen time and time again that no group is off-limits in the world of cybercrime, and the span of attacks we’re covering this month highlights cybercriminals’ lack of preference when there’s data and money on the line.