Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On Thursday, May 12, 2022, Zyxel released a patch advisory for an unauthenticated remote code execution (RCE) vulnerability in their line of Firewall products tracked as CVE-2022-30525. The exploitation of this vulnerability can allow a threat actor to modify specific files and execute code remotely on a vulnerable appliance. Proof of Concept (PoC) exploit code for this vulnerability has been made publicly available via multiple sources.

We are thrilled to announce that Arctic Wolf has made the 2022 CNBC Disruptor 50 list, the company’s tenth annual ranking of the most game-changing private companies using technology to advance their industry. This list identifies fast-growing, innovative start-ups and Arctic Wolf is recognized for its revolutionary role in bringing security operations to organizations of all sizes, leading the few cybersecurity companies included on this year’s list.

On Tuesday, May 10, 2022, security researcher Oliver Lyak published a PoC exploit for CVE- 2022-26923, a privilege escalation vulnerability impacting Active Directory Domain Services with a CVSS score of 8.8 and high severity. The vulnerability allows a threat actor who has already compromised a user account to elevate privileges to Domain Admin, if Active Directory Certificates Services is running on the domain. Microsoft patched the vulnerability in May’s Patch Tuesday release.

The constantly changing world of cybersecurity can leave you longing for an understanding of today's modern threats. A solid foundation of cybersecurity terminology is a great first step toward understanding the world of cyber threats and how to help minimize and mitigate risk for your organization. But with more acronyms added every year, it can be a daunting task to keep up. Thankfully, we're here to help.

The cybersecurity industry has spent a lot of time talking about improving the analyst experience without making significant improvements. Much of the effort has been too focused on trying to find a silver bullet solution. Combine that with a global pandemic and things are just getting worse.

Once a malicious actor has gained initial access to an internal asset, they may attempt to conduct command and control activity.

On Wednesday, May 4, 2022, F5 disclosed a critical-severity vulnerability impacting the iControl REST authentication of BIG-IP systems being tracked as CVE-2022-1388. If successfully exploited, the vulnerability could lead to Authentication Bypass, which could allow a threat actor to execute arbitrary system commands, perform file actions, and disable services on BIG-IP. BIG-IQ Centralized Management, F5OS-A, F5OS-C, and Traffic SDC are not impacted by CVE-2022-1388.

Toil — endless, exhausting work that yields little value in DevOps and site reliability engineering (SRE) — is the scourge of security engineers everywhere. You end up with mountains of toil if you rely on manual effort to maintain cloud security. Your engineers spend a lot of time doing mundane jobs that don’t actually move the needle. Toil is detrimental to team morale because most technicians will become bored if they spend their days repeatedly solving the same problems.

The attacks came from all corners in the past month, as cybercriminals used administrative access codes, stolen internal data, laser-focused programming tools, and even humble job applications to worm their way into organizations' inner workings. Let's look at some of the strange and sinister innovations that shaped the world of cybercrime this April.

Data theft, denial-of-service, ransomware—the world of cyber threats has never been more dangerous, in large part because there’s never been more vulnerabilities.