In early August, Arctic Wolf Labs began observing a marked increase in Fog and Akira ransomware intrusions where initial access to victim environments involved the use of SonicWall SSL VPN accounts. Based on victimology data showing a variety of targeted industries and organization sizes, we assess that the intrusions are likely opportunistic, and the threat actors are not targeting a specific set of industries.

As networks become increasingly distributed, user identities are becoming a top adversary target. CrowdStrike’s 2024 Threat Hunting Report and 2024 Global Threat Report state 5 of the top 10 MITRE tactics we observed in 2023 were identity-based, and the CrowdStrike 2023 Threat Hunting Report noted a 583% year-over-year increase in Kerberoasting attacks. These findings illustrate how modern adversaries aren’t breaking in — they’re logging in.

Wallarm’s Security Edge is setting a new standard in API security—far beyond the reach of traditional Content Delivery Networks (CDNs). Let’s get it straight: Security Edge is not just a new addition to the API security market; it’s a disruption. Designed to deliver fast, effective, and advanced API protection where APIs need it, Wallarm’s Security Edge targets what CDNs cannot.

This week, the FBI announced it is investigating a classified data leak of U.S. intel on Israel’s plans to retaliate against Iran. The top-secret documents were exposed on the Telegram messaging app, and it’s unclear if it was a leak or hack. The investigation will center on the Defense Department’s National Geospatial-Intelligence Agency, which manages the country’s network of spy satellites and anyone with access to the classified document.

When it comes to building a comprehensive data security strategy, everything hinges on finding and accurately classifying all your sensitive data. It seems security professionals have finally given up on legacy solutions that require extensive labeling and manual data mapping — and not a moment too soon. We're confident no one will mourn the passing of legacy solutions.

The growing scale of organizations and the more opportunities to push the boundaries have led to an upsurge in corporate fraud in recent years. Fraud can be a deceptive action taken against a company or one carried out by the company. A company could commit fraud in many ways to improve its industry reputation and defend itself from audits. On the other side, a company may become a victim of financial statement fraud, asset theft, and corruption committed by its staff members.

One of the most challenging elements of securing an organization from cyber threats is ensuring that their employees aren’t placing themselves or their colleagues at risk. But as Arctic Wolf’s new Human Risk Behavior Snapshot shows, even security practitioners and IT leaders aren’t always model citizens when it comes to mitigating their own cyber risk.

During the long-awaited Snyk Launch 2024, we announced the exciting general availability of Snyk Code's auto-fixing feature, DeepCode AI Fix, powered by our AI machine, DeepCode AI! To celebrate this milestone, let’s explore how Snyk’s AI-powered features differentiate our approach to application security. AI is on everyone's minds, along with its countless applications that offer a wide variety of solutions (and issues).

Cloud storage in SaaS apps has become an indispensable tool for organizations of all sizes, with as much as 60% of corporate data now residing in the cloud. However, the convenience of cloud storage comes with the risk of data leaks, which can have devastating consequences. While cloud storage allows for easy data sharing and collaboration, it also opens up potential vulnerabilities that must be addressed.

Despite the rapid evolution of security technologies, many SOCs are still weighed down by manual processes and outdated tools. Analysts are burdened with repetitive tasks, inefficient workflows, and disjointed incident response mechanisms. This broken system is leaving SOCs reacting to incidents instead of preventing them. There’s a better way forward.