“May you live in interesting times.” Cybersecurity professionals live this phrase every day. From supply-chain attacks, pervasive exposure from zero-day vulnerabilities, or the dramatic rise in ransomware, we undoubtedly live—and work—in interesting times.

In December 2021, the cybersecurity industry was made aware of CVE-2021-44228, known as Log4Shell, a novel vulnerability in a commonly found software component called Java Log4j. Arctic Wolf extensively covered the Log4Shell vulnerability and gave updates as it got involved.

CVE-2022-1040 and CVE-2022-22247 are two recent vulnerabilities that have been discovered in two different Firewall products. This blog post will cover both the Sophos Firewall vulnerability (CVE-2022-1040) and the SonicWall Firewall vulnerability (CVE-2022-22247).

By now, pretty much anyone who uses email is familiar with the term “phishing,” and is aware of the prevalence of phishing scams. However, the term “spear phishing”—and what it means exactly—might be a bit more elusive. Essentially, spear phishing is a more targeted and socially engineered version of a spray-and-pray, bait-and-hook, phishing email.

Comparing and contrasting the effectiveness of Vulnerability Assessment (VA), Vulnerability Management (VM), Risk-Based Vulnerability Management (RBVM), and Managed Risk®. Performing a vulnerability assessment (VA), implementing a vulnerability management (VM) program, and upgrading your proactive security program with a risk-based vulnerability management (RBVM) approach may help your organization effectively deal with cybersecurity vulnerabilities.

On Monday, March 21, 2022, Okta, an enterprise identity and access management firm, launched an inquiry after the Lapsus$ hacking group posted screenshots on their Telegram channel that the hackers claimed were taken after obtaining access to "Okta.com Superuser/Admin and various other systems." The screenshots that Lapsus$ provided included time stamps consistent with the January 16-21 timeframe provided by Okta.

Amidst the turmoil of the Ukraine-Russia conflict, incident responders and ransomware researchers observed several ransomware gangs publish statements on their dark web blog sites. Some actors asserted the apolitical nature of their operations, while others clearly favored a side. Most notably, the Conti ransomware group posted a public statement in support of Russia with a stern warning of retaliation on February 25, 2022.

An increasing number of modern security conscious companies have Chief Information Security Officers (CISOs) on the payroll to help them manage their environment from increasingly sophisticated cyber threats. Unfortunately, many other organizations are not currently able to employ a full time CISO. This can be related to a series of contributing factors including a lack of necessary budget, competing priorities, or unfilled vacancies due to a shortage of qualified candidates.

The Common Vulnerability Scoring System (aka CVSS score) provides a numerical (0-10) representation of the severity of an information security vulnerability.

The world is in a tumultuous place at the time of this writing, with all eyes on the escalating ground war unfolding in Ukraine. As devastating as the news has been, cybersecurity observers are well aware of the unseen battles unfolding simultaneously in cyberspace. The importance of businesses, governments, and other organizations protecting vital systems and sensitive data has never faced such a stark context.

We are excited to share that Arctic Wolf® is ranked 42nd on Fast Company’s Top 50 Most Innovative Companies List, and number 2 in the award’s Security category. This prestigious list recognizes businesses that are making the biggest impact within their industries and on culture as a whole—companies thriving in today’s dynamics. At Arctic Wolf, we constantly innovate because cyber threats are continually impacting our world, whether as organizations or as individuals.

In April 2021, CVE-2022-0847 was discovered by security researcher Max Kellermann; it took another few months for him to figure out what was happening. The flaw has already been patched in the Linux kernel and the Android kernel. Affected Linux distributions are in the process of pushing out security updates with the patch. Due to the similarities of the Dirty Cow flaw, CVE-2016-5195; has been named Dirty Pipe.

2021 was an interesting year for all of us working in IT security. It wasn’t just the spike in supply chain attacks, most notably SolarWinds and Kasaya. It wasn’t just the waves of vulnerabilities leading to privileged access and remote code execution (RCE) in Microsoft Exchange, in printer drivers, externally exposed remote desktop protocol (RDP), and, of course, in OSS projects like Log4J.