In early August, Arctic Wolf Labs began observing a marked increase in Fog and Akira ransomware intrusions where initial access to victim environments involved the use of SonicWall SSL VPN accounts. Based on victimology data showing a variety of targeted industries and organization sizes, we assess that the intrusions are likely opportunistic, and the threat actors are not targeting a specific set of industries.

One of the most challenging elements of securing an organization from cyber threats is ensuring that their employees aren’t placing themselves or their colleagues at risk. But as Arctic Wolf’s new Human Risk Behavior Snapshot shows, even security practitioners and IT leaders aren’t always model citizens when it comes to mitigating their own cyber risk.

AI is growing in power and scope and many organizations have moved on from “simply” training models. In this blog, we will cover a common system of LLM use called Retrieval-Augmented Generation (RAG). RAG adds some extra steps to typical use of a large language model (LLM) so that instead of working off just the prompt and its training data, the LLM has additional, usually more up-to-date, data “fresh in mind”.

With sophisticated cyberattacks getting more frequent every day, and regulations around data privacy tightening, businesses across Europe are facing a big challenge: How do you keep your network safe, stay ahead of threats and make sure you're compliant with the latest regulations? Enter the NIS2 Directive — a step up for cybersecurity that demands organizations be ready to face any cyber storm that comes their way.

Application security has transformed from being an afterthought to a central focus as threats have evolved. What was once about securing code has expanded to protecting the entire application lifecycle. The rise of cloud-native architectures, microservices, and APIs has broadened the attack surface, requiring security teams to rethink their approaches.

Source code leaks refer to the process in which the source codes of proprietary applications are made available to unauthorized persons or the public domain for various reasons. This might happen in several scenarios, including when information is leaked through public repositories, hacking attacks, internal threats, or when it is posted in version control systems.

During the long-awaited Snyk Launch 2024, we announced the exciting general availability of Snyk Code's auto-fixing feature, DeepCode AI Fix, powered by our AI machine, DeepCode AI! To celebrate this milestone, let’s explore how Snyk’s AI-powered features differentiate our approach to application security. AI is on everyone's minds, along with its countless applications that offer a wide variety of solutions (and issues).

To build customer trust, companies doing business in Europe must establish and maintain compliance with cybersecurity frameworks. However, changing regulations and new frameworks make managing compliance even more complex and burdensome for overworked security teams. To stay ahead and compete on a global stage, European companies need the right technology, local expertise, and trusted partnerships. That’s where Vanta comes in. ‍

On October 23, 2024, Fortinet published an advisory disclosing an actively exploited vulnerability (CVE-2024-47575) affecting FortiManager and FortiManager Cloud. The critical-severity vulnerability can be exploited on FortiManager instances exposed to the internet via port 541. Successful exploitation could allow a remote, unauthenticated threat actor to execute arbitrary code or commands via specially crafted requests.

The growing scale of organizations and the more opportunities to push the boundaries have led to an upsurge in corporate fraud in recent years. Fraud can be a deceptive action taken against a company or one carried out by the company. A company could commit fraud in many ways to improve its industry reputation and defend itself from audits. On the other side, a company may become a victim of financial statement fraud, asset theft, and corruption committed by its staff members.