Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Australia is leading the way when it comes to improving overall cybersecurity for the country. The government recently announced the Australian Cyber Security Strategy aimed at improving IT infrastructure to maintain a high level of security for agencies, businesses, and users. Their goal is to create the most cyber secure nation in 2023.

It’s good to be on top. G2 has recognized Arctic Wolf® Managed Detection and Response (MDR) as the top overall MDR solution. As the leader in security operations, we help thousands of organizations across industries and around the globe end cyber risk through 24×7 monitoring that helps organizations detect, respond, and recover from modern cyber attacks. It’s an honor to be recognized by G2.

Artificial intelligence has arguably overstayed its welcome as a buzzword in the technology realm, leading to debates around the efficacy of the tool and definition of the term for the better part of two decades. But in the world of cybersecurity, businesses are just beginning to reap the benefits of advanced machine learning models that can actually keep up with ever-changing threats from cybercriminals with nothing but time on their hands to break algorithm-based defenses.

In 2022, the healthcare industry set a record no one will be eager to break. According to IBM’s 2022 Cost of a Data Breach report, the average cost of a breach in healthcare climbed to $10.1 million dollars, making it the industry with the highest average breach cost for 12 years running. Meanwhile, 57% of organizations are planning to increase their cybersecurity budgets in 2023.

What do public school students, BMW dealers, Canadian defense engineers, and the world’s richest human have in common? They all fell victim to some manner of cybercrime during March. We’ve seen time and time again that no group is off-limits in the world of cybercrime, and the span of attacks we’re covering this month highlights cybercriminals lack of preference when there’s data and money on the line.

It’s natural for people to let down their guard when hunting for great deals or responding to one-time requests from coworkers trying to plan their vacations. But threat actors don’t take time off, and as recent history has shown from Log4J and Kaseya attacks, attackers are poised to do the most damage when their targets are off celebrating outside the office.

As cybercrime evolves and organizations migrate to the digital realm, there’s been an ongoing race among businesses to evade bad actors, stay ahead of emerging threats, and mature their security posture. While tools are a critical component of these proactive and reactive defenses, tools alone are not enough, especially when it comes to telemetry.

On Wednesday, March 29, 2023, details of unexpected malicious activity observed from the legitimate and cryptographically signed 3CX SoftPhone Desktop App application were shared in a blog post by security researchers at Crowdstrike.

The “Great Resignation” is still well underway, further impacting a cybersecurity industry with a historically low retention rate. According to a report published by Enterprise Strategy Group in partnership with Information Systems Security Association International, 76% of organizations say it is difficult to recruit and hire security professionals.

On Saturday, March 18, 2023, Horizon3 researchers released a proof-of-concept (PoC) exploit for CVE-2023-27532, a high-severity missing authentication vulnerability impacting Veeam Backup and Replication (VBR) software. Based on Horizon3’s technical analysis published on March 23rd, the PoC exploit allows a remote unauthenticated threat actor with access to the VBR service to obtain plaintext usernames and passwords.