Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Q4 2022 Threat Landscape Report: Tech and Manufacturing Targeted as Ransomware Peaks for 2022

In a year where headlines were dominated by the global economic and geopolitical uncertainty around Russia’s war on Ukraine, 2022 saw a threat landscape that was both volatile and fragmented, largely due to the war. As the year drew to an end, ransomware hit a peak, primarily due to the rise in attacks impacting the manufacturing, health care, technology and telecommunications industries.

How Organizations Can Improve Their Cloud Security

When Arctic Wolf surveyed over 900 decision makers across the globe, an area of cybersecurity that kept reappearing in responses was cloud security. Last year, cloud adoption rate was at 99% but only 19% of those organizations were implementing cloud security posture management (CSPM) solutions. As cloud-originated breaches increase, it’s no surprise then that cloud concerns are also rising.

Ransomware protection in the open: Advancing efficacy through community collaboration

Free and open access is one of the core principles upon which Elastic was originally built and continues to operate. Our products are free to use, and much of our code is accessible in public source code repositories. In recent years, this commitment to transparency and availability has extended to our security offerings.

When software isn't a "supply"

I was inspired to write this after reading a post from Thomas Depierre on Mastodon. The post touched on something that’s been troubling me recently. When it comes to software security, we spend a lot of time talking about the software supply chain and related concepts, such as the software bill of materials (SBOM). This metaphor comes from an industrial lexicon. People who are used to talking about economies and how manufacturing works are familiar with the idea of supply chain.

The dangers of setattr: Avoiding Mass Assignment vulnerabilities in Python

Mass assignment, also known as autobinding or object injection, is a category of vulnerabilities that occur when user input is bound to variables or objects within a program. Mass assignment vulnerabilities are often the result of an attacker adding unexpected fields to an object to manipulate the logic of a program.

Info-Stealers Are on the Rise: A Look into Stealerium

Info-stealers are malicious software designed to extract sensitive information, such as passwords, from victim systems. Info-stealers have become one of the most discussed malware types in cybercriminal underground forums. Let’s see how info-stealers have evolved recently to become the threat that they are. Then, we’ll look at a specific stealer freely available as open-source that could be used in future attacks.

Multiple Critical & Actively Exploited Vulnerabilities Patched in Microsoft's February Security Update

On February 14, 2023, Microsoft published its February 2023 Security Update and patched multiple high to critical vulnerabilities, with some of them being actively exploited in the wild. These vulnerabilities impact Windows systems and Exchange servers.

Malware 101: What It Is, Current Trends, Signs You're Infected & Prevention

Malware refers to any modified script in a software system that aims to cause intentional harm to the victim. The term malware is a portmanteau that blends two words: malicious and software. Let’s take a good look at this bad situation. We’ll review how malware works, alarming stats and trends, signs that you’re likely infected and, most importantly, ways to prevent this malice.

January Cyber Roundup

T-Mobile has once again fallen victim to a massive new cybersecurity breach, discovered on Jan. 5. The company has a history of hacks from recent years, for which it was fined hundreds of millions of dollars. Using weak API security, the attack caused the exposure of the personal data of more than 37 million customer accounts, which was apparently first accessed on or around Nov. 25. The stolen records include addresses, phone numbers and dates of birth.

One Cybersecurity Platform To Rule Them All: Exploring The One Architecture

Enterprises require multiple tools for cyber defense, so network and information security staff often end up managing a patchwork of solutions, a blend of legacy and new technologies. If they find and deploy solutions that solve several business and security problems at once, they can reduce costs, logistics, and headaches while helping the business grow and innovate.