|
By Arctic Wolf Labs
In late May and early June 2026, Arctic Wolf began observing increased exploitation of CVE-2026-0257, a high-severity authentication bypass vulnerability affecting Palo Alto Networks PAN-OS GlobalProtect and Prisma Access. The increase in CVE-2026-0257 exploitation began on May 30, 2026, following a smaller initial wave that had taken place between May 17 and May 21.
|
By Dan Schiappa
The cybersecurity industry is entering a new phase of AI adoption. Frontier AI models are increasingly capable of identifying vulnerabilities, investigating threats, analyzing code, and accelerating security operations at machine speed. At the same time, innovation is moving rapidly. New models, platforms, and security-focused AI initiatives are emerging across the market, each pushing the boundaries of how AI can be applied to real-world cybersecurity workflows.
|
By Arctic Wolf
Endpoint security has become one of the most difficult layers of the modern security stack to operate effectively. Endpoints sit at the intersection of user behavior, identity compromise, phishing, ransomware, and hands‑on‑keyboard activity. At the same time, attackers increasingly rely on fileless techniques, memory abuse, and legitimate tooling to evade signature‑based defenses.
|
By Arctic Wolf
Security teams are not struggling to find vulnerabilities. They are struggling to deal with them in a way that actually reduces risk. Most environments generate thousands of new findings every month. While vulnerability scanners, cloud tools, and endpoint platforms all contribute, that data does not come together in a way that is actionable. Teams end up with long lists of vulnerabilities, limited context, and no clear way to determine what should be fixed first.
|
By Arctic Wolf Labs
The 2026 FIFA World Cup is a once-in-a-generation opportunity, and threat actors have already begun capitalizing on it. The 2026 FIFA World Cup, set to kick off on June 11, has already broken records for the most host nations, the most matches, and the highest amount of prize money to date for winning teams. Arctic Wolf set out to proactively investigate the criminal ecosystem surrounding the tournament.
|
By Dan Deeth
The conversation around AI in cybersecurity is changing. The first question was whether AI could help security teams move faster. It can. AI-led security operations can accelerate investigations, correlate signals, reduce manual work, and help defenders respond at the speed modern threats demand. But as AI moves from experimentation into production, the next question becomes harder: can organizations operate it at scale without creating a new cost problem?
|
By Stephen McKay
Mobile devices are becoming the highest‑trusted endpoints that are the least protected. They approve logins. They hold authentication apps. They carry email, collaboration, and business applications. And they travel everywhere your workforce travels: across corporate networks, home Wi‑Fi, airports, hotels, and cafés. That combination (high trust plus constant movement) is why mobile has become such a reliable entry point for credential theft and account takeover.
|
By Arctic Wolf Labs
In our previous post, Token Bingo: Don’t Let Your Code Be the Winner, we documented Kali365, a phishing-as-a-service (PhaaS) kit abusing Microsoft’s OAuth 2.0 device authorization flow to steal Entra ID tokens. In this follow-up report, we track the same operator into new territory as they expand their operation and infrastructure.
|
By Arctic Wolf
Security teams are being asked to operate at machine speed while still making decisions they can trust. Attackers move faster. Exposure changes continuously. Manual workflows struggle to keep up. Following the recent announcement of the Aurora Superintelligence Platform and Aurora Agentic SOC, Arctic Wolf continues to advance its portfolio with new capabilities that help teams see risk clearly, prioritize what matters, and act with confidence.
|
By Arctic Wolf Labs
In May 2026, Arctic Wolf observed a cluster of malicious activity affecting endpoints managed by FortiClient Endpoint Management Server (EMS). The malicious payload was disguised as a fake Fortinet endpoint patch, but it was actually a credential stealer. We named this payload EKZ Infostealer, based on internal symbol names extracted from decrypted code.
|
By Arctic Wolf Networks
This video will demonstrate how Arctic Wolf's Aurora Threat Intelligence enables customers to defend to against new and emerging threats through engaging content, actionable intelligence, IoC lists and automated feeds.
|
By Arctic Wolf Networks
In this demo, Aurora Managed Endpoint Defense shows how human expertise and EDR work together to rapidly detect, investigate, and respond to threats; giving customers stronger protection, faster results, and improved security posture.
|
By Arctic Wolf Networks
In this demo, Aurora Managed Endpoint Defense shows how human expertise and EDR work together to rapidly detect, investigate, and respond to threats; giving customers stronger protection, faster results, and improved security posture.
|
By Arctic Wolf Networks
In this demo, we will see how Aurora Vulnerability Management helps organizations discover and categorize assets, prioritize risks, and take action to remediate and patch vulnerabilities.
|
By Arctic Wolf Networks
How Arctic Wolf Aurora Mobile Threat Defense secures the full mobile attack surface—devices, apps, networks, phishing, and privacy—in one unified platform. This demo highlights real‑time visibility, actionable insights, and automated response to reduce mobile risk.
|
By Arctic Wolf Networks
Powering modern security operations with AI is no longer optional. It’s essential. The Aurora Superintelligence Platform is built for the AI era, combining specialized AI agents, real-world security data, and human expertise to deliver outcomes security teams can trust. At its core, the Swarm of Experts, Security Operations Graph, and AI Trust Engine work together to drive faster detection, more accurate investigations, and more decisive response across the attack surface.
|
By Arctic Wolf Networks
In this demo, we will look at three different use cases for the Aurora Security Assistant including general security knowledge, deeper ticket context and quick answers around self-service and product documentation.
|
By Arctic Wolf Networks
See how Arctic Wolf Aurora Vulnerability Management turns risk visibility into remediation through seamless integrations with partners like ServiceNow and ConnectWise. This demo shows how automated ticketing, unified workflows, and prioritized findings help security and IT teams accelerate remediation without added workload.
|
By Arctic Wolf Networks
This month, we sit down with Will May, our new Chief Revenue Officer. Take a listen to get to know Will, his leadership philosophy, how he's using AI in his every day, and so much more! Will brings more than 15 years of go-to-market leadership experience across high-growth software, cybersecurity, and cloud technology companies. He has built a strong reputation for helping organizations adopt innovative technologies—including AI-driven platforms—to improve operational efficiency, reduce complexity, and deliver measurable business value.
|
By Arctic Wolf Networks
This demo will illustrate how Aurora Attack Surface Management builds a continuously updated attack surface inventory, correlates asset and exposure data from multiple sources, and identifies gaps in security controls. It enables prioritization and remediation verification so that organizations can focus on what matters most and effectively drive risk reduction.
|
By Arctic Wolf
Security information and event management (SIEM), security orchestration, automation, and response (SOAR), and the newer extended detection and response (XDR) solutions have become the top choices for organizations wanting a unified view of activity within their IT environments. By combining relevant data into single consoles, XDR, SIEM and SOAR technologies minimize the time analysts spend moving between platforms and make it easier to correlate the data and develop subsequent steps appropriately.
|
By Arctic Wolf
The Health Insurance Portability and Accountability Act (HIPAA) Security Rule focuses on the safeguarding of electronic protected health information (ePHI) through the implementation of administrative, physical, and technical safeguards.
|
By Arctic Wolf
Financial institutions, particularly regional banks and credit unions, are facing challenges both in terms of safeguarding data of their customers and meeting data security compliance standards. Information technology (IT) teams in these institutions are stretched thin. They struggle with needing to meet compliance obligations while simultaneously combatting cyberthreats.
- June 2026 (12)
- May 2026 (19)
- April 2026 (14)
- March 2026 (21)
- February 2026 (15)
- January 2026 (20)
- December 2025 (14)
- November 2025 (11)
- October 2025 (17)
- September 2025 (24)
- August 2025 (20)
- July 2025 (25)
- June 2025 (20)
- May 2025 (17)
- April 2025 (16)
- March 2025 (16)
- February 2025 (7)
- January 2025 (18)
- December 2024 (17)
- November 2024 (11)
- October 2024 (14)
- September 2024 (22)
- August 2024 (13)
- July 2024 (22)
- June 2024 (18)
- May 2024 (14)
- April 2024 (15)
- March 2024 (11)
- February 2024 (16)
- January 2024 (17)
- December 2023 (12)
- November 2023 (15)
- October 2023 (13)
- September 2023 (14)
- August 2023 (18)
- July 2023 (23)
- June 2023 (19)
- May 2023 (17)
- April 2023 (17)
- March 2023 (22)
- February 2023 (23)
- January 2023 (14)
- December 2022 (19)
- November 2022 (16)
- October 2022 (23)
- September 2022 (22)
- August 2022 (14)
- July 2022 (9)
- June 2022 (11)
- May 2022 (12)
- April 2022 (17)
- March 2022 (13)
- February 2022 (9)
- January 2022 (10)
- December 2021 (13)
- November 2021 (16)
- October 2021 (6)
- September 2021 (8)
- May 2021 (2)
- November 2020 (2)
- August 2020 (1)
- November 2019 (1)
- August 2019 (1)
- March 2017 (2)
Cybersecurity is a field that requires 24x7 vigilance and constant adaptation. Arctic Wolf’s cloud native platform and Concierge Security® Team delivers uniquely effective solutions.
The cybersecurity industry has an effectiveness problem. New technologies, vendors, and solutions emerge every year—yet, we still see headlines filled with high-profile breaches. Many attacks occur – not because a product failed to raise an alert – they fail because the alert was missed or was not actioned on. To prevent these attacks, the industry needs to adopt a new approach by focusing on security operations. That’s where Arctic Wolf can help.
Arctic Wolf® Platform
Spanning thousands of installations, the Arctic Wolf® Platform processes over 200 billion security events daily. The platform collects and enriches endpoint, network, and cloud telemetry, and then analyzes it with multiple detection engines. Machine learning and custom detection rules then deliver personalized protection for your organization.
While other products have limited visibility, the vendor-neutral Arctic Wolf® Platform enables broad visibility and works seamlessly with existing technology stacks, making it easy to adopt while eliminating blind spots and vendor lock-in.
Concierge Security® Team
Arctic Wolf invented the concept of Concierge Security®. With this delivery model, we pair a team of our security operations experts directly with your IT or security staff. Your Concierge Security® Team gives you 24×7 eyes-on-glass coverage. We work with your team on an ongoing basis to learn your security needs so that they can tune solutions for maximum effectiveness and ensure that your security posture gets stronger over time.
The Concierge Security® Team combines deep security operations expertise with an understanding of your environment to deliver better outcomes. We take on tactical actions like threat hunting and alert prioritization, and strategic tasks like security posture reviews and risk management.