On Thursday, March 31, 2022, GitLab released an advisory for a critical password security vulnerability in GitLab Community and Enterprise products tracked as CVE-2022-1162. GitLab is DevOps software that combines the ability to develop, secure, and operate software in a single application. The exploitation of CVE-2022-1162 can allow a threat actor to guess a hard-coded password for any GitLab account with relative ease.

“May you live in interesting times.” Cybersecurity professionals live this phrase every day. From supply-chain attacks, pervasive exposure from zero-day vulnerabilities, or the dramatic rise in ransomware, we undoubtedly live—and work—in interesting times.

In December 2021, the cybersecurity industry was made aware of CVE-2021-44228, known as Log4Shell, a novel vulnerability in a commonly found software component called Java Log4j. Arctic Wolf extensively covered the Log4Shell vulnerability and gave updates as it got involved.

CVE-2022-1040 and CVE-2022-22247 are two recent vulnerabilities that have been discovered in two different Firewall products. This blog post will cover both the Sophos Firewall vulnerability (CVE-2022-1040) and the SonicWall Firewall vulnerability (CVE-2022-22247).

By now, pretty much anyone who uses email is familiar with the term “phishing,” and is aware of the prevalence of phishing scams. However, the term “spear phishing”—and what it means exactly—might be a bit more elusive. Essentially, spear phishing is a more targeted and socially engineered version of a spray-and-pray, bait-and-hook, phishing email.

Comparing and contrasting the effectiveness of Vulnerability Assessment (VA), Vulnerability Management (VM), Risk-Based Vulnerability Management (RBVM), and Managed Risk®. Performing a vulnerability assessment (VA), implementing a vulnerability management (VM) program, and upgrading your proactive security program with a risk-based vulnerability management (RBVM) approach may help your organization effectively deal with cybersecurity vulnerabilities.

On Monday, March 21, 2022, Okta, an enterprise identity and access management firm, launched an inquiry after the Lapsus$ hacking group posted screenshots on their Telegram channel that the hackers claimed were taken after obtaining access to "Okta.com Superuser/Admin and various other systems." The screenshots that Lapsus$ provided included time stamps consistent with the January 16-21 timeframe provided by Okta.

Amidst the turmoil of the Ukraine-Russia conflict, incident responders and ransomware researchers observed several ransomware gangs publish statements on their dark web blog sites. Some actors asserted the apolitical nature of their operations, while others clearly favored a side. Most notably, the Conti ransomware group posted a public statement in support of Russia with a stern warning of retaliation on February 25, 2022.

An increasing number of modern security conscious companies have Chief Information Security Officers (CISOs) on the payroll to help them manage their environment from increasingly sophisticated cyber threats. Unfortunately, many other organizations are not currently able to employ a full time CISO. This can be related to a series of contributing factors including a lack of necessary budget, competing priorities, or unfilled vacancies due to a shortage of qualified candidates.

The Common Vulnerability Scoring System (aka CVSS score) provides a numerical (0-10) representation of the severity of an information security vulnerability.