Today, many organizations have a security awareness program of some kind. Whether it’s annual compliance training or the orientation video warning new employees about phishing, it’s almost a standard now among industries. However, security awareness programs vary in frequency, details, and execution. And it’s that variability which, unfortunately, can become a vulnerability. Employees and users are the first line of defense against a cyberattack.

Welcome to the first episode of Authenticated, a new series from Arctic Wolf Labs designed to break down our fundamental, people-driven approach to cybersecurity. Led by Arctic Wolf Chief Product Officer Dan Schiappa, Authenticated explores how we’re reinventing the cybersecurity industry one innovation at a time.

“Automation” and “orchestration” are terms that frequently appear within the same sentence – which is unsurprising, because they are closely related. In fact, they’re so similar in meaning that it can be easy to confuse their meanings or assume that there is basically no real difference between security automation and orchestration. But, as with many concepts in the world of IT and security (“observability” vs.

For its 25th year, Black Hat USA presented a “unique hybrid event experience, offering the cybersecurity community a choice in how they wish to participate” virtually or in person. It was a jam-packed four days of trainings, conferences, briefings, special events, and cybersecurity solutions.

In just three quarters since Torq was officially launched, our visionary team has delivered a 385% increase in customers, resulting in 360% quarter-over-quarter growth. We’ve also boosted our headcount by 150% and now have more than 100 technology integration partners, including Armis, Orca, SentinelOne, and Wiz. In addition, we recently opened new offices in the UK, Spain, and Taiwan

Security threats evolve just as fast as the technologies used to stop them. New and modified attack strategies are constantly in the works. To make matters worse, the attack surface within corporate networks is expanding. The push to work from home increased vulnerable points of entry by introducing multitudes of new endpoint devices. The move to cloud-based services and infrastructure has further resulted in a broader and more challenging landscape to defend.

Not everyone had the luxury of enjoying BBQ and backyard time during Fourth of July weekend. Kaseya, an IT management software provider, spent their 2021 holiday fighting a ransomware attack. You likely saw news of the attack in headlines over that holiday weekend, especially considering Kaseya is a technology provider to thousands of managed service providers.

Stop me if you’ve heard this one: “we’re finding it really difficult to fill cyber roles.” In recent years, cyber-attacks have transcended industries and demographics — as has the need for strong, proactive cybersecurity. In the modern cyber landscape, everyone is a target, and every business needs to defend themselves against cyber threats. That means more organizations are on the lookout for security professionals.

Modern innovations change the face of the modern digital world. Meanwhile, the risk of cyberattacks remains a disaster for every organization. A platform effectively uses humans, technology, and resources to secure organizational functions. It works continuously round the clock to eradicate and rectify all sorts of attacks. Organizations adopt such platform depending on their level of competency in providing security services to their customers.

At the heart of almost every business interaction lies trust. Whether logging in to a website, providing information over the phone, or interacting via email, trust is essential when the communication involves money, sensitive data, or both. To win a victim’s trust, gain access to a secure system, receive sensitive data, or insert malicious software, cybercriminals use various tools and tactics to mask their identity or disguise their devices. These tactics are the foundation of a spoofing attack.

The only constant you can count on in technology is change. From microprocessors to PCs to smartphones to software, technology continues to become faster, smarter, and more sophisticated. But make no mistake: what’s changed the most in the world of technology over the past few decades is the hacker. Hackers are highly motivated to stay ahead of the latest security trends. It’s how they keep from getting caught, and how they keep the fun and profit rolling.

It’s difficult for even the most advanced security teams to stay on top of evolving incursions and ensure their processes effectively map to prevent them. That’s where pre-built templates come into the conversation. No-code, security automation templates can handle the considerable burden of having to maintain and update processes that integrate with a company’s security stack.

The business world is changing fast. The shift to hybrid or remote models and the rapid adoption of cloud services are allowing employees to work from anywhere, while giving the companies they work for the chance to increase innovation and stay ahead of their competition. The cybersecurity industry has changed as well, with those same innovations creating new challenges for IT and security teams.

On Wednesday, August 3, 2022, Cisco disclosed two critical-severity vulnerabilities (CVE-2022-20842 and CVE-2022-20827) impacting RV160, RV260, RV340, and RV345 series small business routers. Both vulnerabilities are due to insufficient validation but differ in how they are exploited.

Exciting times are here at Arctic Wolf. This week, we celebrated a pair of awards recognizing our status as an industry innovator and employer of choice, with rankings on both the Forbes Cloud 100 and Fortune Best Medium Workplaces list.

On Tuesday, August 2, 2022, VMware disclosed a critical-severity authentication bypass vulnerability (CVE-2022-31656) impacting multiple VMware products, including VMware’s Workspace ONE Access, Identity Manager (vIDM), and vRealize automation. If successfully exploited, the vulnerability could allow a threat actor with network access to the user interface to obtain administrative access without needing to authenticate.

It was an exceptionally hot July in many parts of the world, and cyberspace was no exception. High profile hacks in July affected people in all walks of life, from casual gamers and social media posters to air travelers and medical patients. Still, we hate to be the bearers of exclusively bad news, so we’ve included one silver lining amongst our usual bank of dark clouds.

The data in the new Verizon “Data Breach Investigations Report” (DBIR) offers critical insights into the current state of cybersecurity. After a year of data breaches and cyberattacks consistently dominating headlines, this year’s report closely examines what adversaries are looking for when they’re trying to infiltrate businesses and organizations.