Trustwave SpiderLabs is tracking a new critical-rated vulnerability (CVE-2022-1388) affecting F5 BIG-IP network devices. Threat actors are reported to be actively exploiting this vulnerability in the wild. F5 disclosed and issued a patch for CVE-2022-1388 on May 4. We are diligently watching over our clients for exposure and associated attacks and working closely with our clients to ensure that mitigations are in place.

We are honored to share that WatchGuard has been recognized with six awards in the 2022 TrustRadius Top Rated Awards! WatchGuard received the Top Rated award for Network Security with WatchGuard Firebox (2 awards), WatchGuard EDPR / Adaptive Defense 360 (1 award) and AuthPoint (3 awards). For the first time since it was added to the WatchGuard portfolio, our Endpoint solutions have received the Top Rated award in the XDR category.

The Splunk Threat Research Team recently developed a new analytic story, Active Directory Kerberos Attacks, to help security operations center (SOC) analysts detect adversaries abusing the Kerberos protocol to attack Windows Active Directory (AD) environments. In this blog post, we’ll describe some of the detection opportunities available to cyber defenders and highlight analytics from the analytic story.

Across the thousands of cyber incidents that Kroll’s global team investigates every year, our experts are constantly on the hunt to spot established patterns of threat actor activity—and to discover new ones. In observing attack patterns, our experts discovered that threat actors like repeatability. Certain actors can be predictable not only in how they attack, but also in the tools and tactics they use once they have access.

It’s no secret that hackers are attracted to large and lucrative targets in the vast digital sphere. Oftentimes, the largest targets present the most avenues for attack. And with over 300 million users worldwide, Microsoft 365 is one of those large targets. Over 80% of deployed Microsoft 365 accounts have suffered an email breach and over 70% have suffered an account takeover.

Why Are Low-Code Platforms Becoming the New Holy Grail of Cyberattackers? Low-code/no-code platforms for enterprise are booming. With more and more critical business assets now stored and handled by these platforms, it is essential to understand that low-code often leads to a large attack surface. This article will explore low-code/no-code from an attacker’s perspective to better understand their potential weaknesses and showcase why they are becoming the new holy grail for cybercriminals.

This blog is the latest in a series dedicated to Zhadnost, a Russia-aligned botnet first discovered by SecurityScorecard in March.