Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

How Your Healthcare Organization Can Achieve Cloud Cybersecurity and Compliance

Healthcare leaders are embracing cloud technologies to connect information across the continuum of care, engage more patients, and unlock the potential of health data. While the cloud streamlines healthcare operations, it also presents challenges for organizations that must meet the stringent data security requirements of HIPAA and other security standards.

Microsoft Exchange On-Prem Zero-Day Vulnerabilities Exploited in the Wild

On Thursday, September 29th, 2022, GTSC–a Vietnam-based cybersecurity company–published a blog detailing intrusion they investigated that chained together two exploits for Microsoft Exchange zero-day vulnerabilities to achieve remote code execution (RCE). Technical details around how to exploit these vulnerabilities were not provided.

Cybersecurity Awareness Month: The Importance of Enabling MFA

Welcome to October, the spookiest month of the year! No, we’re not talking cute kids dressed as their favorite cartoon character on a mission to collect a mountain of candy. That’s a treat. We’re here to talk about the tricks, and how you can keep from falling for them. That’s right, it’s Cybersecurity Awareness Month!

1H 2022 Incident Response Insights from Arctic Wolf Labs

Arctic Wolf Labs regularly collects and analyzes data and insights from the incident response activities of Arctic Wolf’s incident response business unit, Tetra Defense. These insights, as laid out in the charts and graphs in this blog, enhance the threat detection capabilities of the Arctic Wolf Security Operations Cloud, and are leveraged by Arctic Wolf’s community of partners.

CVE-2022-3236 - Remote Code Execution Vulnerability in Sophos Firewall

On Friday, September 23, 2022, Sophos disclosed a critical code injection vulnerability impacting Sophos Firewall. This vulnerability, assigned CVE-2022-3236, affects Sophos Firewall versions v19.0 MR1 (19.0.1) and older and could lead to remote code execution. In order for a threat actor to exploit this vulnerability, WAN access would need to be enabled for the Webadmin and User Portal consoles.

16 Threat Intelligence Terms Everyone Should Know

Understanding the ins and outs of threat intelligence can be complicated for an organization. If your business is anything but cyber, it’s understandable to be overwhelmed by terms like ransomware, cryptocurrency, and DDoS attacks, especially in relation to your systems and assets. That’s okay.

Insight Into The Strengthening America Cybersecurity Act

Signed into law in March of 2022, the Strengthening American Cybersecurity Act (SACA) gives federal authorities an overview of all cyber attacks against critical infrastructure in the United States for the very first time. SACA has three parts: SACA comes at a time when governments are facing a significant paradigm shift.

What We Can Learn from the 'Prompt-bomb' Uber Hack

It was the worst-case scenario for Uber, the popular ride-sharing app, when the company suffered a major data breach in early September. While the extent of the damage, and the data potentially stolen, is still being uncovered, the attack — and the methods used to execute it — can be examined and used to teach other organizations what (and what not) to do.