Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Internet-connected devices (also known as “the internet of things”) are a key business enabler for modern enterprises focused on transforming their businesses and gaining competitive advantage through automation and intelligent decision-making. According to IDC, there will be over 55.7 billion connected IoT devices (or “things”) by 2025, generating almost 80B zettabytes (ZB) of data.

Welcome to October, the spookiest month of the year! No, we’re not talking cute kids dressed as their favorite cartoon character on a mission to collect a mountain of candy. That’s a treat. We’re here to talk about the tricks, and how you can keep from falling for them. That’s right, it’s Cybersecurity Awareness Month!

Arctic Wolf Labs regularly collects and analyzes data and insights from the incident response activities of Arctic Wolf’s incident response business unit, Tetra Defense. These insights, as laid out in the charts and graphs in this blog, enhance the threat detection capabilities of the Arctic Wolf Security Operations Cloud, and are leveraged by Arctic Wolf’s community of partners.

Encryption is an essential step in cybersecurity that protects confidential information by turning it into scrambled gibberish. This ensures attackers can’t understand it, and only trusted individuals can make it understandable again.

In today’s business environment, the risk of a ransomware attack is high and continues to grow. Threat actors are well financed, motivated, and very organized. While securing your environment and infrastructure is critically important, preparation to respond to an actual ransomware attack is essential. With an incalculable number of potential vulnerabilities and attack vectors, you have to be prepared to effectively respond to and recover from an attack.

Choosing a Node.js Docker image may seem like a small thing, but image sizes and potential vulnerabilities can have dramatic effects on your CI/CD pipeline and security posture. So, how do you choose the best Node.js Docker image? It can be easy to miss the potential risks of using FROM node:latest, or just FROM node(which is an alias for the former). This is even more true if you’re unaware of the overall security risks and sheer file size they introduce to a CI/CD pipeline.

Organizations trust third-party vendors to manage large volumes of sensitive customer data, with outsourcing increasing across all industries, including the highly-regulated healthcare sector and financial services. However, service providers don’t necessarily implement the same strict data security standards that these organizations do. Cyber attacks targeting third parties are increasing, according to Gartner.

‍Data leaks happen when sensitive data or personally identifiable information (PII) is accidentally exposed on the internet or dark web. Typically, data leaks only occur due to poor cyber hygiene, weak network security, or software misconfiguration that can lead to unintended data exposure. Without proper data leak detection processes, cybercriminals and hackers can exploit the exposed data without the organization’s knowledge using open-source intelligence (OSINT).

‍Cyber vendor risk management (Cyber VRM) is the practice of identifying, assessing, and remediating cybersecurity risks specifically related to third-party vendors. By leveraging data from data leak detection, security ratings, and security questionnaires, organizations can better understand their third-party vendor’s security posture using Cyber VRM solutions.

To understand this headline better we need to have a better understanding of the traditional ways we think about Software-as-a-Service (SaaS) platforms and public cloud platforms. The difference lies in the starting point of these two solutions, while SaaS started as an extension of the corporate network, the public cloud started as an extension of the data center.