Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Ongoing Ransomware Campaign Against Cisco ASA VPN Appliances

Arctic Wolf has been tracking multiple intrusions where Cisco VPN account credentials were harnessed by Akira ransomware for initial access. In a recent Cisco PSIRT advisory, Cisco stated they were aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations. Our case data supports the observation that affected accounts did not have MFA enabled.

August Release Rollup: AI-Driven Document Summarization and Helpdesk Chatbot for WebUI, Workflow Templates and More

This month's release rollup includes product updates and enhancements from Egnyte around AI-driven document summarization and helpdesk chatbot, workflow templates, and smart cache for Civil 3D. Below is a summary of these and other new releases. Visit the linked articles for more details.

When the largest pure-play cybersecurity company shares your vision: Palo Alto Networks and LimaCharlie

When we put forward a vision for cybersecurity talking about building one platform that covers all security operations - or as we call it SecOps Cloud Platform - we could not have imagined that a month later, the world’s largest pure-play cybersecurity company would buy into this vision. This alignment is flattering, to say the least. Yesterday, Cole Grolmus of Strategy of Security published an article titled The Audacious Future of Palo Alto Networks.

Choosing Security Questionnaire Automation Software (in 2023)

Your security questionnaire workflow is the litmus test for the efficiency of your overall Vendor Risk Management program. If this pipeline gets congested, all of the VRM processes that depend on it are disrupted, which impacts your security posture and heightens your risk of suffering a third-party data breach.

16 Hospitals Lose Data in Prospect Medical Holdings Breach

Prospect Medical Holdings is an umbrella company with over 16 separate hospitals throughout Pennsylvania, California, Rhode Island, and Connecticut. The company manages a huge amount of information between all those different hospitals, and all that data could easily be misused if the wrong individuals accessed it. Prospect Medical Holdings was recently the victim of a data breach, though the company itself did not announce that information to the world.

What Makes a Strong Password?

A strong password is made up of at least 16 characters and contains upper and lower case letters, numbers and symbols. Strong passwords also follow password best practices so they never contain personal information, dictionary words or phrases, and are never reused across multiple accounts. Continue reading to learn why strong passwords are necessary and tips for creating a strong password.

"Flying Under the Radar:" How to Protect Your Organization's Reputation

Over 72 percent of Indian citizens think their personal data has been compromised, according to a recent article in Business Today. They blame a variety of organizations and institutions, which is understandable. Now imagine your organization is the one to blame. Could your company survive this type of hit to its reputation? Would it be able to retain customers who no longer trust you to keep their sensitive information secure?

Becoming FedRAMP and StateRAMP Authorized, Part 2 - Common FedRAMP Mistakes You Can Avoid

August 31, 2023. By Isac Hur, Senior FedRAMP/StateRAMP/CMMC Practice Lead and Quality Assurance

As a compliance auditor and practitioner in the FedRAMP space, I see a lot of mistakes cloud service providers (CSPs) make that cause them a tremendous amount of grief when seeking authorization. The process is painful enough on its own, but many of the people you hear venting frustration have made missteps.

Tips and Tools for Open Source Compliance

You don’t need us to tell you that open source software is becoming a very significant percentage of commercial software codebases. Open source components are free, stable, and enable you to focus your resources on the innovative and differentiated aspects of your work. But as the use of open source components increases, compliance with open source licenses has become a complex project of growing importance. So how can you stay on top of compliance and what tools are out there to help?