Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2022

Learn How The Arctic Wolf Security Journey Ends Your Cyber Risk

Nov 30, 2022 By Arctic Wolf In Arctic Wolf
What is a security journey and how does your organization begin one? The answer lies in partnership. The Arctic Wolf security journey is custom designed to help your organization end cyber risk. By looking at the specifics of your organization and your security and business goals, we operate as a partner to implement strategic actions that minimize your risk and improve your overall security posture. With our VP of Product Marketing, Matt Trushinski, learn how our security journey strategies help your organization end cyber risk.
View Video

How Arctic Wolf Disrupts Business Email Compromise Attacks

Nov 30, 2022 By Arctic Wolf In Arctic Wolf
Despite not getting the same amount of headlines as ransomware and other kinds of cyber attacks, business email compromise (BEC) costs organizations much more than ransomware and causes more damage. With our Regional VP of Sales Engineering, Brandon Tschida, learn how a BEC attack works and how Arctic Wolf can help your organization stop this kind of cyber attack before it even begins.
View Video

Incident Response Can Stop Attacks and Reduce Cyber Risk

Nov 30, 2022 By Arctic Wolf In Arctic Wolf
Unfortunately, cyber incidents are inevitable. But we can reduce the likelihood of cyber risk and reduce incident damage. Join our VP of Product Marketing, Matt Trushinski as he explains how Arctic Wolf’s Managed Detection and Response helps organization recognize potential threats and remediate and recover after an incident. Incident readiness is the best defense against cyber attacks, and Arctic Wolf always has your back.
View Video
Arctic Wolf

The Real Causes of the Rapid Cyber Insurance Rate Increase

Nov 29, 2022 By Arctic Wolf In Arctic Wolf
Cyber insurance is a necessity in today’s cybersecurity landscape, especially in the wake of widespread ransomware attacks on commercial businesses of all sizes. A cyber insurance policy enables companies to transfer the cost of recovering from cyber incidents. In the event of a data breach, your cyber insurance policy can cover the costs of damages to others, profits lost if your network goes down, and the cost of negotiating ransomware.
Read Post
Arctic Wolf

The Current State of Cybersecurity Compliance

Nov 23, 2022 By Arctic Wolf In Arctic Wolf
The trends shaping the industry, and the challenges impacting implementation Meeting compliance requirements is essential to building a successful and trustworthy security program. However, it’s an area of cybersecurity too often overlooked, as it’s hardly the most glamorous field in the industry.
Read Post
Arctic Wolf

Understanding the Big Business of Cybercrime

Nov 17, 2022 By Arctic Wolf In Arctic Wolf
Cybercrime is lucrative. This world of hackers, malware, and brokers is now a trillion-dollar industry, the number one threat to the global economy, and is showing zero signs of slowing down. Fueled by the digital revolution, the global shift to a hybrid work model, and the rapid adoption of the cloud, more avenues have opened for threat actors to exploit. And their attack methods continue to evolve, with new innovations staying a step ahead of a cybersecurity industry determined to stop them.
Read Post
Arctic Wolf

Understanding the Nine Requirements of the FTC Safeguards Rule for Auto Dealerships

Nov 15, 2022 By Louis Evans In Arctic Wolf
With December 9 just weeks away, auto dealerships need to prepare for changes in the FTC Safeguards rule and understand how they’re going to move forward in compliance with the new rule. With roots in the Gramm-Leach-Bliley Act (GLBA), the Safeguards Rule expands the definition of “financial institution” to include a broader swath of industries that provide financial services to customers.
Read Post
Arctic Wolf

Three Critical Vulnerabilities Impacting VMware Workspace ONE Assist Server CVE-2022-31685, CVE-2022-31686 and CVE-2022-31687

Nov 10, 2022 By Steven Campbell In Arctic Wolf
On Tuesday, November 8, 2022, VMware disclosed three critical-severity vulnerabilities impacting VMware Workspace ONE Assist Server versions 21.x and 22.x. If successfully exploited, the reported vulnerabilities could lead to a threat actor obtaining administrative access to the application without the need to authenticate.
Read Post
Arctic Wolf

CVE-2022-27510: Citrix Gateway and Citrix ADC Critical Authentication Bypass Vulnerability, along with CVE-2022-27513 & CVE-2022-27516

Nov 9, 2022 By Adrian Korn In Arctic Wolf
On November 8th, 2022, Citrix disclosed a critical authentication bypass (CVE-2022-27510), a remote desktop takeover (CVE-2022-27513), and a user login brute force protection functionality bypass (CVE-2022-27516) vulnerability affecting several versions of Citrix ADC and Citrix Gateway. This bulletin only applies to customer-managed Citrix ADC and Citrix Gateway appliances as Citrix-managed cloud services are not affected. A threat actor could leverage these vulnerabilities in specific circumstances.
Read Post
Arctic Wolf

What Is Cloud Detection and Response and Why Do You Need It?

Nov 7, 2022 By Britt Serra In Arctic Wolf
Cloud adoption is vastly increasing. Right now, 9o% of businesses are using or plan to use a multi-cloud environment. While the cloud, which refers to internet-accessed servers that are not directly managed by the business, can help organizations scale in a cost-effective manner, they also create new cybersecurity risks.
Read Post
Arctic Wolf

The Top Cyber Attacks of October 2022

Nov 4, 2022 By Arctic Wolf In Arctic Wolf
We’ve made it through spooky season once again, but there is still plenty of scary business unfolding in the world of cybersecurity. October offered several useful cautionary tales for organizations, including a company that took fast action and averted a threat, one that overlooked a security gap for far too long, another that offered a crucial reminder about improper conduct, and one more that … well, we’re not quite sure what the heck happened with that one.
Read Post
Arctic Wolf

CVE-2022-3602 and CVE-2022-3786 - OpenSSL 3.0.X Critical Vulnerabilities

Nov 2, 2022 By Adrian Korn In Arctic Wolf
On October 25, 2022, the OpenSSL project announced the existence of a critical vulnerability in the OpenSSL library affecting OpenSSL versions 3.0.0 and above, as well as any application with an embedded, impacted OpenSSL library. This announcement did not include any details on what this vulnerability is or how it can be exploited. On November 1, 2022, a cryptographic library used for encrypting communications in a wide variety of applications on the internet.
Read Post
Arctic Wolf

CVE-2022-36537 - Critical RCE Vulnerability & Supply Chain Risks in ConnectWise Recover and R1Soft Server Backup Manager

Nov 1, 2022 By Adrian Korn In Arctic Wolf
On October 28th, 2022, ConnectWise disclosed a critical remote code execution (RCE) vulnerability affecting ConnectWise Recover (version 2.9.7 and earlier) and R1Soft Server Backup Manager (version 6.16.3 and earlier). A threat actor could leverage an authentication bypass vulnerability in these products (CVE-2022-36537) to leak server private key files, software licenses, and system configuration files and ultimately achieve RCE as the system superuser.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.