Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2023

Arctic Wolf

3 Types of Security Scans Every Organization Should Be Using

Sep 26, 2023 By Arctic Wolf In Arctic Wolf
According to IBM’s 2023 Cost of a Data Breach Report, it takes the average organization 277 days to detect and contain a breach. However, organizations with a robust risk management program can drastically reduce these numbers through proactive identification and remediation of vulnerabilities.
Read Post
Arctic Wolf

CVE-2023-42793: Critical RCE Vulnerability in TeamCity On-Premises

Sep 26, 2023 By Andres Ramos In Arctic Wolf
On September 20, 2023, JetBrains published a blog detailing a critical Remote Code Execution (RCE) vulnerability that was identified in TeamCity On-Premises (CVE-2023-42793). This vulnerability has a Common Vulnerability Scoring System (CVSS) score of 9.8 and can allow an unauthenticated attacker with HTTP(S) access to a TeamCity server to perform RCE. All versions of TeamCity On-Premises are affected by this vulnerability.
Read Post
Arctic Wolf

CVE-2023-41991, 41992, 41993: Three Actively Exploited Vulnerabilities in Apple Products Fixed

Sep 25, 2023 By Andres Ramos In Arctic Wolf
On September 21, 2023, Apple released emergency security updates to fix three vulnerabilities impacting macOS, iOS, iPadOS, and Safari. Citizen Lab and Google Threat Analysis Group (TAG) observed these three vulnerabilities exploited in an exploit chain against a former Egyptian Member of Parliament to deploy Predator spyware. Predator was developed by Intellexa/Cytrox to perform surveillance on targeted mobile devices.
Read Post
Arctic Wolf

Okta Environments Seeing Increased Targeted Threat Activity

Sep 22, 2023 By Andres Ramos In Arctic Wolf
In the last few weeks, Arctic Wolf Labs has noted an increase in threat activity targeting Okta as an attack vector. The relevant Techniques, Tools, and Procedures (TTPs) span across several different types of attacks. This bulletin will review several key aspects of these attacks.
Read Post

How Social Engineering Took Down MGM and Caesars

Sep 20, 2023 By Arctic Wolf In Arctic Wolf
Two major players in hospitality and gaming, MGM and Caesars, were victims of two, separate cyber attacks. While the details are still unknown, what is known is that Caesars paid the hackers a multi-million dollar ransom, and that both attacks began with social engineering.
View Video
Arctic Wolf

Major Casinos Hacked Using Social Engineering Attacks

Sep 20, 2023 By Arctic Wolf In Arctic Wolf
Two giants in the gaming and hospitality industry, Caesars Entertainment and MGM Resorts, recently announced that they were targeted by cybercriminals. But here’s the catch, both ransomware attacks appear to have started with the use of social engineering tactics against IT helpdesk personnel to gain access to systems.
Read Post
Arctic Wolf

Four Ways to Prevent Credential Theft and Credential-Based Attacks

Sep 15, 2023 By Mike McCleary In Arctic Wolf
When it comes to attack vectors, there are few as useful and widespread as credential theft. Verizon listed it as a top vector in their 2023 Data Breach Investigations Report, and Arctic Wolf Labs saw “historic compromise” as the root point of compromise for 7% of all breaches in 2022. According to IBM, stolen credentials accounted for 15% of breaches in 2022, and the average cost of a breach utilizing stolen credentials was $4.65 million.
Read Post
Arctic Wolf

BEC Attacks Are on the Rise for the Manufacturing Industry: What Does This Mean for You?

Sep 14, 2023 By Mark Manglicmot In Arctic Wolf
While ransomware continues to be a top concern for organizations, Business Email Compromise (BEC) incidents have been rising and targeting all industries. Based on the FBI’s most recent Internet Crime Report, BEC complaints outpace those of ransomware 10:1, and the losses incurred by BEC are 80 times greater than those incurred by ransomware.
Read Post
Arctic Wolf

8 Steps to Achieve Cybersecurity Compliance

Sep 13, 2023 By Arctic Wolf In Arctic Wolf
Cybersecurity compliance is complicated. As the cybersecurity industry changes, so do compliance requirements and, depending on your organization’s operations, compliance could mean adhering to multiple frameworks and reporting to multiple governing bodies. In fact, 67% of organizations surveyed by Arctic Wolf follow between one to three sets of guidelines.
Read Post
Arctic Wolf

New Vulnerabilities in Apple Products Exploited in the Wild

Sep 12, 2023 By Andres Ramos In Arctic Wolf
On September 7, 2023, Apple released emergency security updates to fix a buffer overflow vulnerability (CVE-2023-41064) and a validation issue vulnerability (CVE-2023-41061) among macOS, iOS, iPadOS, and watchOS products. These vulnerabilities can be exploited with a maliciously crafted attachment or image which leads to arbitrary code execution.
Read Post
Arctic Wolf

CVE-2023-20269: Cisco ASA/Firepower VPN Zero-Day Vulnerability Actively Exploited

Sep 12, 2023 By Andres Ramos In Arctic Wolf
On August 31, 2023, Arctic Wolf sent out a bulletin alerting customers to an ongoing brute force campaign targeting Cisco Adaptive Security Appliance (ASA). Subsequently, on September 6, 2023, Cisco published a security advisory warning of a zero-day vulnerability (CVE-2023-20269) in the remote access VPN feature of Cisco ASA and Cisco Firepower Threat Defense (FTD) Software.
Read Post

Arctic Wolf Offers Canadian Rural Healthcare Network Holistic Security Support

Sep 12, 2023 By Arctic Wolf In Arctic Wolf
As a rural healthcare network located north of Toronto, Ontario, the employees of Grey Bruce Health Services understand that PHI fetches a high value on the dark web, and that they could be one ransomware attack away from stolen data, or worse, encrypted networks that prevent critical patient care. With Arctic Wolf, including Arctic Wolf Managed Detection and Response and Arctic Wolf Managed Risk, IT Director Liane Coates feels confident and comforted that there’s a protective defensive layer not only monitoring the environment 24x7 but working on vulnerability management and proactive security strategies.
View Video
Arctic Wolf

The Top Cyber Attacks of August 2023

Sep 8, 2023 By Arctic Wolf In Arctic Wolf
There was some good news on the cybersecurity front in August, starting with a joint effort by U.S. and European authorities that broke up a far-reaching network of compromised computers used in attacks on healthcare organizations around the world. The takedown also netted more than $8 million in illicit cryptocurrency from Russian-affiliated hacking groups.
Read Post
Arctic Wolf

How Security Operations Reduces the Risk of a Cyber Incident by Over 90%

Sep 5, 2023 By Nathan Little In Arctic Wolf
The value of cybersecurity solutions is uniquely difficult to quantify. As with any risk-reduction investment, the ideal outcome is we simply avoid the outcome we’re defending against. But then how can we understand the value of our security strategy? Even if we can identify attempted compromises that are thwarted, it’s still challenging to scope out the potential impacts we were able to avert.
Read Post

Arctic Wolf Managed Security Awareness: The Mission

Sep 5, 2023 By Arctic Wolf In Arctic Wolf
Arctic Wolf Managed Security Awareness® prepares your employees to recognize and neutralize social engineering attacks and human error—helping to end cyber risk at your organization. Fresh. Original. Effective. That is the content you can expect to see through Arctic Wolf Managed Security Awareness®.
View Video
Arctic Wolf

What Is Smishing and How Organizations Can Protect Themselves

Sep 1, 2023 By Nathan Caldwell In Arctic Wolf
In the summer of 2022, a few Twilio employees received an odd text message. Through the messaging app Signal, threat actors tricked employees into giving away credentials, resulting in the compromise of over 130 connected organizations. 130 businesses breached from one text message. Ouch. That kind of tactic is becoming all too common, with stolen credentials reaching the top of the list of initial access points.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.