Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

How Legal Organizations Can Address The Evolving Threat Landscape

Of the many industries attracting threat actor attention, the legal sector is gaining heightened interest from run-of-the-mill cybercriminals and nation-state actors alike. In late February, the State Bar of California disclosed that it experienced a breach allowing access to thousands of case records and case profile data, along with confidential court records.

Critical Authentication Bypass Vulnerability in VMware Products - CVE-2022-22972

On Wednesday, May 18, 2022, VMware published an advisory (VMSA-2022-0014) to address multiple vulnerabilities, including CVE-2022-22972, an authentication bypass vulnerability affecting VMware Workspace ONE Access, Identity Manager, and vRealize Automation. This vulnerability was assigned a CVSSv3 score of 9.8, making it a critical vulnerability.

Critical Unauthenticated RCE Vulnerability in Zyxel Firewalls - CVE-2022-30525

On Thursday, May 12, 2022, Zyxel released a patch advisory for an unauthenticated remote code execution (RCE) vulnerability in their line of Firewall products tracked as CVE-2022-30525. The exploitation of this vulnerability can allow a threat actor to modify specific files and execute code remotely on a vulnerable appliance. Proof of Concept (PoC) exploit code for this vulnerability has been made publicly available via multiple sources.

Arctic Wolf Leads Cybersecurity Rankings in 2022 CNBC Disruptor 50 List

We are thrilled to announce that Arctic Wolf has made the 2022 CNBC Disruptor 50 list, the company’s tenth annual ranking of the most game-changing private companies using technology to advance their industry. This list identifies fast-growing, innovative start-ups and Arctic Wolf is recognized for its revolutionary role in bringing security operations to organizations of all sizes, leading the few cybersecurity companies included on this year’s list.

PoC Exploit for Active Directory Certificate Services Vulnerability (CVE-2022-26923) Creates Path to Domain Admin

On Tuesday, May 10, 2022, security researcher Oliver Lyak published a PoC exploit for CVE- 2022-26923, a privilege escalation vulnerability impacting Active Directory Domain Services with a CVSS score of 8.8 and high severity. The vulnerability allows a threat actor who has already compromised a user account to elevate privileges to Domain Admin, if Active Directory Certificates Services is running on the domain. Microsoft patched the vulnerability in May’s Patch Tuesday release.

Cybersecurity 101: Basic Terminology You Need to Know

The constantly changing world of cybersecurity can leave you longing for an understanding of today's modern threats. A solid foundation of cybersecurity terminology is a great first step toward understanding the world of cyber threats and how to help minimize and mitigate risk for your organization. But with more acronyms added every year, it can be a daunting task to keep up. Thankfully, we're here to help.

BIG-IP iControl REST Critical Authentication Bypass Vulnerability - CVE-2022-1388

On Wednesday, May 4, 2022, F5 disclosed a critical-severity vulnerability impacting the iControl REST authentication of BIG-IP systems being tracked as CVE-2022-1388. If successfully exploited, the vulnerability could lead to Authentication Bypass, which could allow a threat actor to execute arbitrary system commands, perform file actions, and disable services on BIG-IP. BIG-IQ Centralized Management, F5OS-A, F5OS-C, and Traffic SDC are not impacted by CVE-2022-1388.

Top Cyber Attacks of April 2022

The attacks came from all corners in the past month, as cybercriminals used administrative access codes, stolen internal data, laser-focused programming tools, and even humble job applications to worm their way into organizations' inner workings. Let's look at some of the strange and sinister innovations that shaped the world of cybercrime this April.

Critical Vulnerability in Multiple WSO2 Products Exploited - CVE-2022-29464

Over the past week, threat actors have started scanning for and opportunistically exploiting CVE-2022-29464--a remote code execution vulnerability in multiple WSO2 products used to integrate application programming interfaces (API), applications, and web services. CVE-2022-29464 vulnerability has a CVSS score of 9.8 and severity of Critical which allowed unauthenticated and remote attackers to execute arbitrary code in the following products.