Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On Tuesday May 9th, 2023, CISA published a Joint Cybersecurity Advisory titled “Hunting Russian Intelligence ‘Snake’ Malware” which provided an in-depth analysis of the Russian Federal Security Services’ (FSB) Snake malware. Arctic Wolf Labs has analyzed the advisory and have summarized the content into key findings and takeaways for the security community.

Phishing emails are a tremendous threat and one of the most common vehicles cyber criminals use to trick employees and succeed in their attacks. Cybercriminals are on a mission to gain access to sensitive information, such as login credentials, business information, customer data, or financial data. Despite the best efforts by IT departments and security professionals to put the proper filters in place, cybercriminals still often find a way to get into employee inboxes with their phishing schemes.

Too many organizations fail to see advanced threats as they make their way into and through their systems. This is partially because organizations have too many tools feeding them more information than their staff can handle, and partially because those tools are siloed off and improperly managed, preventing comprehensive information and complete understanding of what’s happening within an organization’s IT infrastructure.

Cyber attacks are increasing. You’ve seen the headlines about ransomware and business email compromise and various social engineering tricks, and they’re all true. The cybercrime landscape is growing in volume and complexity, vulnerability numbers are increasing year over year, and user error is leading to over a quarter of incidents observed by Arctic Wolf® Incident Response.

In the past decade, cybersecurity has evolved from something of a niche technical field into a crucial part of every business plan and online code of conduct. Even so, we still see frequent evidence that many organizations are in need of more education about how to respond to a cyber attack. That was evident this April, as we saw the results of several high-profile cyber attacks that may have been worsened by a slow or poorly considered reaction.

Oracle recently released their Critical Patch Update addressing 433 vulnerabilities across their products, including a vulnerability in the Oracle Hospitality OPERA 5 Property Services product. According to Oracle’s vulnerability description, CVE-2023-21932 is a difficult– to– exploit vulnerability, requiring network access via HTTP and high privileges.

Threat actors have turned cybercrime into big business — a $1.5T USD industry where a ransomware attack occurs every 11 seconds. Each year, the cybersecurity industry works diligently to launch and refine tools, technologies, and solutions. The bad news? So do cybercriminals. Their nefarious innovations continue to leave organizations reeling from cyber attacks that steal data, damage reputations, and put serious dents in annual budgets.

Switching your telephone network to Voice over Internet Protocol (VoIP) has noticeable advantages. Users can experience stronger connectivity, significant cost reductions, and a centralized system. But what users also experience are new cybersecurity risks. The question becomes, then, are VoIP savings worth the costs to security?

The cloud is king. 94% of organizations rely on the public cloud in some capacity, and 84% have a “multi-cloud” strategy. The rise of hybrid and remote work, the proliferation of software-as-a-service (SaaS) and Internet of Things (IoT) devices, and the general digitization of once analog industries has turned the cloud into a “must-have,” especially with its pricing, space, and ability to be accessed from anywhere. But with new technologies comes new threats.