On November 19, 2024, Arctic Wolf began observing active exploitation of the recently-disclosed CVE-2024-0012 and CVE-2024-9474 vulnerabilities impacting Palo Alto Networks PAN-OS software. When chained together, these vulnerabilities allow an unauthenticated threat actor with network access to the management web interface to gain administrator privileges.

If you answer a robocall, avoid interacting with the caller by not speaking or pressing any numbers on your phone’s keypad and hanging up immediately. Robocalls are phone calls that use pre-recorded messages; since these callers are not human beings speaking in real time, these phone calls are known as robocalls because their inauthentic nature makes them seem robotic.

You can remove your personal information from the internet by requesting that Google and people search sites remove it, checking if your credit card offers any removal services, deleting unused accounts and adjusting your privacy settings. Removing your Personally Identifiable Information (PII) from the internet can prevent cybercriminals from stealing your identity, committing fraud and targeting you with spam.

Are you a service organization seeking an audit to gain customers’ trust? Or maybe you are looking to attract prospective clients by proving how serious you are with customers’ data. If that is the case, you have come to the right place.

NIST, or the National Institute of Standards and Technology, is a U.S. federal government agency that creates frameworks and publications to manage organisations’ security requirements. NIST has released many Special Publications (SP), each containing several guidelines and security controls. One of the most comprehensive frameworks under NIST is the SP 800-53. Initially designed for federal agencies, this framework has become increasingly relevant for businesses of all sizes.

About five years ago, I was having trouble with an expensive brand-name refrigerator that my wife and I had bought. It was a great refrigerator feature-wise. My wife and I initially loved it. But it kept breaking. And each break, even though it was covered by the warranty, took weeks and weeks to repair.

The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access. I’ve stood on the “phishing is a problem” soapbox for many years, attempting to focus the attention of cybersecurity teams on the single largest problem within the organization: the employees that fall for social engineering tactics time and time again.