Exciting times are here at Arctic Wolf. This week, we celebrated a pair of awards recognizing our status as an industry innovator and employer of choice, with rankings on both the Forbes Cloud 100 and Fortune Best Medium Workplaces list.

Throughout 2022, Netskope Threat Labs found that attackers have been creating phishing pages in Google Sites and Microsoft Azure Web App to steal cryptocurrency wallets and accounts from Coinbase, MetaMask, Kraken, and Gemini. These phishing pages are linked from the comment sections of other websites, where the attacker adds multiple links to the phishing pages, likely to boost SEO and drive victims directly to these pages.

These are some of the opening words in the new survey published by ISMG and HelpSystems in the ‘Data Security Survey 2022’. The survey explores how COVID19 has permanently changed how CISOs approach Data Security. It is an important study because it recognises that in a world which is in a rush to return to ‘normal’ (whatever normal is now), change has come, and we need to respond to it.

Ask any security professional how to effectively measure risk and many will give a simple answer…

Let’s talk about vendor security reviews. If you felt some form of unpleasant emotion just reading the phrase “vendor security review,” I understand. You and I are not so different. You have likely participated in completing at least one vendor security review in your career. During the process you may have questioned humanity, your career choice or at least whether or not your company should be doing business with the procuring organization.

A comprehensive organizational strategy and robust company security policy are crucial for effective cybersecurity. A company needs to make a concerted effort to design, execute, and follow through with a plan to deal with cyber-risk management from top to bottom. There is no one-size-fits-all strategy for the needs of enterprises in managing cyber risk. But in order to maintain strong system security in the face of constant threats, there are some core principles that every company should follow.

So many great software and cloud-based organizations turn away from working with the US Government because the authorization to operate (ATO) processes are prohibitively complicated, expensive, and time intensive.

This year, Cyberint Research Team has witnessed a major spike in compromised Atlassian service credentials compared to 2021. When observing compromised Atlassian credentials from the start of 2021 and 2022 through to August of the relevant year, we have seen an increase of around 337% (Figure 1, 2) in leaked credentials.