You can’t protect your system if you don’t know where the vulnerabilities lie or what aspects of your security architecture are being targeted by threats. Intelligence is everything in security — it’s how CISO’s make large-scale operational decisions, how IT teams prioritize projects, and how responders restore and remediate a system during and after an incident.

To kids, their Halloween candy stash might as well be a treasure chest. It is their most valuable possession and must remain hidden from pirates … or at least siblings dressed up like pirates. I grew up in a big family. With many kids in the house sharing the same love for Reese’s Peanut Butter Cups, I knew the value of my candy. I knew how important it was to keep it secure. I’d count the pieces multiple times a day.

Observed each October, National Cybersecurity Awareness Month (NCSAM) was first launched in a collaborative effort between the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security. Today, it continues to be an important collaboration between government and industry in the months up to and throughout October. Each year focuses on core themes to raise awareness about cybersecurity issues and explain what resources can help.

Maybe it’s the changing of the seasons, the start of a new school year, or just something in the air, but September’s cybersecurity landscape was marked with high-energy hacks that seem to have served as twisted amusements for their perpetrators. This month’s round-up is full of criminals who weren’t content just to collect a ransom or sell some private data. These hackers wanted to scorch the earth and hurt their victims with an extra layer of malice and humiliation.

Healthcare leaders are embracing cloud technologies to connect information across the continuum of care, engage more patients, and unlock the potential of health data. While the cloud streamlines healthcare operations, it also presents challenges for organizations that must meet the stringent data security requirements of HIPAA and other security standards.

On Thursday, September 29th, 2022, GTSC–a Vietnam-based cybersecurity company–published a blog detailing intrusion they investigated that chained together two exploits for Microsoft Exchange zero-day vulnerabilities to achieve remote code execution (RCE). Technical details around how to exploit these vulnerabilities were not provided.

Welcome to October, the spookiest month of the year! No, we’re not talking cute kids dressed as their favorite cartoon character on a mission to collect a mountain of candy. That’s a treat. We’re here to talk about the tricks, and how you can keep from falling for them. That’s right, it’s Cybersecurity Awareness Month!

Arctic Wolf Labs regularly collects and analyzes data and insights from the incident response activities of Arctic Wolf’s incident response business unit, Tetra Defense. These insights, as laid out in the charts and graphs in this blog, enhance the threat detection capabilities of the Arctic Wolf Security Operations Cloud, and are leveraged by Arctic Wolf’s community of partners.