The world is in a tumultuous place at the time of this writing, with all eyes on the escalating ground war unfolding in Ukraine. As devastating as the news has been, cybersecurity observers are well aware of the unseen battles unfolding simultaneously in cyberspace. The importance of businesses, governments, and other organizations protecting vital systems and sensitive data has never faced such a stark context.

We are excited to share that Arctic Wolf® is ranked 42nd on Fast Company’s Top 50 Most Innovative Companies List, and number 2 in the award’s Security category. This prestigious list recognizes businesses that are making the biggest impact within their industries and on culture as a whole—companies thriving in today’s dynamics. At Arctic Wolf, we constantly innovate because cyber threats are continually impacting our world, whether as organizations or as individuals.

In April 2021, CVE-2022-0847 was discovered by security researcher Max Kellermann; it took another few months for him to figure out what was happening. The flaw has already been patched in the Linux kernel and the Android kernel. Affected Linux distributions are in the process of pushing out security updates with the patch. Due to the similarities of the Dirty Cow flaw, CVE-2016-5195; has been named Dirty Pipe.

2021 was an interesting year for all of us working in IT security. It wasn’t just the spike in supply chain attacks, most notably SolarWinds and Kasaya. It wasn’t just the waves of vulnerabilities leading to privileged access and remote code execution (RCE) in Microsoft Exchange, in printer drivers, externally exposed remote desktop protocol (RDP), and, of course, in OSS projects like Log4J.

On Tuesday, February 8, 2022, SAP patched a critical memory corruption vulnerability (CVE-2022-22536) in the SAP Internet Communication Manager (ICM) component that could lead to full system takeover without authentication or user interaction. The ICM component is present in most SAP products and is an important component in SAP NetWeaver application servers.

On February 9, the U.S. Securities and Exchange Commission (SEC) issued proposed rules regarding cybersecurity risk management for investment advisers, registered investment companies, and business development companies. It's no surprise that the SEC is taking a more active role in this, given their continued interest in cybersecurity issues and high-profile ransomware attacks.

-On February 23, 2022, multiple security vendors with a business presence in Ukraine identified a new wiper malware primarily impacting Ukrainian organizations in at least the aviation, defense, financial, and IT services industries. In at least one intrusion, Symantec observed the wiper malware impact devices in Lithuania. -Researchers identified HermeticWiper shortly after a DDoS attack targeted Ukrainian websites earlier that day.

There is already a well-documented history of cyber attacks targeting organizations in Ukraine - including the attack attributed to members of the Russian military intelligence group GRU - NotPetya. This threat actor has previously conducted attacks known as NotPetya, BlackEnergy, and has targeted high-profile events such as the Olympics, as well as perpetrated destructive attacks against Georgia.

By now it’s become clear—hybrid and remote work are here to stay. This goes for employees in the government sector as much as it does for those in other industries. Along with increased flexibility, however, comes increased attack surfaces for security professionals to defend.

Late last year, The Canadian Center for Cyber Security published an in-depth threat bulletin declaring it had knowledge of 235 ransomware incidents against Canadian victims from in 2021, with more than half of these victims being critical infrastructure providers. The report also explains that most ransomware events remain unreported to the Center, and—based on past findings—once targeted, ransomware victims are often attacked multiple times.