On April 19, 2023, PaperCut confirmed print management servers vulnerable to a critical remote code execution vulnerability (CVE-2023-27350: CVSS 9.8) are being actively exploited by threat actors. CVE-2023-27350 could allow unauthenticated threat actors to bypass authentication and execute arbitrary code in the context of SYSTEM on a PaperCut Application Server. Zero Day Initiative responsibly disclosed the vulnerability to PaperCut on January 10, 2023; PaperCut released a patch on March 8, 2023.

The financial services industry is undergoing a sea change in how it does business. Today their customers expect 24×7 access, self-service convenience, apps that eliminate the need to visit brick-and-mortar locations, and always-available customer service accessed via phone, email, and the internet. Making things even more challenging, financial sector leaders are embracing cloud technologies to save costs, support real-time analysis, and offer more personalized customer experiences.

A lengthy, stressful test is what comes to mind when most people hear the acronym “SAT.” But the other “SAT” — a security awareness training, or SAT, program — can also embody those qualities if it’s not managed correctly, and cause just as many headaches for an organization fighting to mitigate phishing attacks and social engineering scams.

The attack surface is bigger than ever before, and it’s only going to keep growing. As the hybrid work model puts endpoints in employee homes, IoT devices grow in number and complexity, and the very definition of endpoint itself evolves, the task of seeing into and securing all endpoints in an organization’s environment has grown into a colossal task for already overworked and overtaxed IT teams.

It’s not news that organizations’ networks are increasing in complexity. The rise of hybrid work, the proliferation of the cloud, and the increased use of IoT devices has pushed networks far outside the server room — and even the four walls of the office — into a digital-first realm. While these changes have increased efficiency, scalability, and how operations work in the modern age, they’ve also created new avenues for cybercriminals to launch an attack.

Australia is leading the way when it comes to improving overall cybersecurity for the country. The government recently announced the Australian Cyber Security Strategy aimed at improving IT infrastructure to maintain a high level of security for agencies, businesses, and users. Their goal is to create the most cyber secure nation in 2023.

It’s good to be on top. G2 has recognized Arctic Wolf® Managed Detection and Response (MDR) as the top overall MDR solution. As the leader in security operations, we help thousands of organizations across industries and around the globe end cyber risk through 24×7 monitoring that helps organizations detect, respond, and recover from modern cyber attacks. It’s an honor to be recognized by G2.

Artificial intelligence has arguably overstayed its welcome as a buzzword in the technology realm, leading to debates around the efficacy of the tool and definition of the term for the better part of two decades. But in the world of cybersecurity, businesses are just beginning to reap the benefits of advanced machine learning models that can actually keep up with ever-changing threats from cybercriminals with nothing but time on their hands to break algorithm-based defenses.

In 2022, the healthcare industry set a record no one will be eager to break. According to IBM’s 2022 Cost of a Data Breach report, the average cost of a breach in healthcare climbed to $10.1 million dollars, making it the industry with the highest average breach cost for 12 years running. Meanwhile, 57% of organizations are planning to increase their cybersecurity budgets in 2023.

What do public school students, BMW dealers, Canadian defense engineers, and the world’s richest human have in common? They all fell victim to some manner of cybercrime during March. We’ve seen time and time again that no group is off-limits in the world of cybercrime, and the span of attacks we’re covering this month highlights cybercriminals lack of preference when there’s data and money on the line.