Today, many organizations have a security awareness program of some kind. Whether it’s annual compliance training or the orientation video warning new employees about phishing, it’s almost a standard now among industries. However, security awareness programs vary in frequency, details, and execution. And it’s that variability which, unfortunately, can become a vulnerability. Employees and users are the first line of defense against a cyberattack.

Welcome to the first episode of Authenticated, a new series from Arctic Wolf Labs designed to break down our fundamental, people-driven approach to cybersecurity. Led by Arctic Wolf Chief Product Officer Dan Schiappa, Authenticated explores how we’re reinventing the cybersecurity industry one innovation at a time.

While much of the media focus is on cyber attacks in the private sector, government is no stranger to cybercrime. According to Verizon’s 2021 Data Breach Investigations Report, the public sector experienced 3,236, or 11% of the attacks analyzed in the report, not even taking into account nation-state attacks. Unfortunately, governments of every size in every country can become targets, as there’s no end in sight to public-sector attacks.

Security threats evolve just as fast as the technologies used to stop them. New and modified attack strategies are constantly in the works. To make matters worse, the attack surface within corporate networks is expanding. The push to work from home increased vulnerable points of entry by introducing multitudes of new endpoint devices. The move to cloud-based services and infrastructure has further resulted in a broader and more challenging landscape to defend.

Not everyone had the luxury of enjoying BBQ and backyard time during Fourth of July weekend. Kaseya, an IT management software provider, spent their 2021 holiday fighting a ransomware attack. You likely saw news of the attack in headlines over that holiday weekend, especially considering Kaseya is a technology provider to thousands of managed service providers.

Stop me if you’ve heard this one: “we’re finding it really difficult to fill cyber roles.” In recent years, cyber-attacks have transcended industries and demographics — as has the need for strong, proactive cybersecurity. In the modern cyber landscape, everyone is a target, and every business needs to defend themselves against cyber threats. That means more organizations are on the lookout for security professionals.

Given the complex nature of today’s IT infrastructures, organizations need to understand how to design security programs in a way that monitors and protects every aspect of their network. Too often headlines have been made by complex networks lacking the necessary visibility to detect threats before it is too late. A big part of that visibility revolves around what many consider to be the foundation of network architecture: the endpoints.

At the heart of almost every business interaction lies trust. Whether logging in to a website, providing information over the phone, or interacting via email, trust is essential when the communication involves money, sensitive data, or both. To win a victim’s trust, gain access to a secure system, receive sensitive data, or insert malicious software, cybercriminals use various tools and tactics to mask their identity or disguise their devices. These tactics are the foundation of a spoofing attack.

The only constant you can count on in technology is change. From microprocessors to PCs to smartphones to software, technology continues to become faster, smarter, and more sophisticated. But make no mistake: what’s changed the most in the world of technology over the past few decades is the hacker. Hackers are highly motivated to stay ahead of the latest security trends. It’s how they keep from getting caught, and how they keep the fun and profit rolling.

The business world is changing fast. The shift to hybrid or remote models and the rapid adoption of cloud services are allowing employees to work from anywhere, while giving the companies they work for the chance to increase innovation and stay ahead of their competition. The cybersecurity industry has changed as well, with those same innovations creating new challenges for IT and security teams.

On Wednesday, August 3, 2022, Cisco disclosed two critical-severity vulnerabilities (CVE-2022-20842 and CVE-2022-20827) impacting RV160, RV260, RV340, and RV345 series small business routers. Both vulnerabilities are due to insufficient validation but differ in how they are exploited.

Exciting times are here at Arctic Wolf. This week, we celebrated a pair of awards recognizing our status as an industry innovator and employer of choice, with rankings on both the Forbes Cloud 100 and Fortune Best Medium Workplaces list.

On Tuesday, August 2, 2022, VMware disclosed a critical-severity authentication bypass vulnerability (CVE-2022-31656) impacting multiple VMware products, including VMware’s Workspace ONE Access, Identity Manager (vIDM), and vRealize automation. If successfully exploited, the vulnerability could allow a threat actor with network access to the user interface to obtain administrative access without needing to authenticate.

It was an exceptionally hot July in many parts of the world, and cyberspace was no exception. High profile hacks in July affected people in all walks of life, from casual gamers and social media posters to air travelers and medical patients. Still, we hate to be the bearers of exclusively bad news, so we’ve included one silver lining amongst our usual bank of dark clouds.

The data in the new Verizon “Data Breach Investigations Report” (DBIR) offers critical insights into the current state of cybersecurity. After a year of data breaches and cyberattacks consistently dominating headlines, this year’s report closely examines what adversaries are looking for when they’re trying to infiltrate businesses and organizations.