Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Previously published blog post: Recently, Arctic Wolf observed threat actors begin exploiting CVE-2022-40684, a critical remote authentication bypass vulnerability impacting FortiOS, FortiProxy, and FortiSwitchManager.

If you’re like me, you really appreciate a test automation step as part of your pull request (PR) CI for that added confidence before merging code. I want to show you how to add Playwright tests to your PRs and how to tie it all together with a GitHub Actions CI workflow.

Autumn is officially here again in New Jersey, bringing fresh apples, cider, Halloween candy by the ton, and pumpkin spice everything. It’s been more than four months since our May update to CloudCasa, which is a bit longer than usual. But don’t think that we spent the summer lounging on a beach! Our development team has been working as hard as ever, and we have an impressive list of new CloudCasa features to announce.

On Tuesday, October 11th, 2022, Aruba disclosed three critical vulnerabilities impacting EdgeConnect Enterprise Orchestrator. The vulnerabilities, CVE-2022-37913, CVE-2022-37914, CVE-2022-37915, are remote code execution and authentication bypass vulnerabilities that could enable remote threat actors to compromise a host. In order for a threat actor to exploit these vulnerabilities, WAN access would need to be available for the CLI and/or web-based management interfaces.

Elastic has successfully delivered a leading Security Information and Event Management (SIEM) offering with only two years in the market. According to IDC Worldwide Security Information and Event Management Market Shares, 2021: The Cardinal SIEMs report, Elastic is one of the fastest growing SIEMs (more than 80% year-over-year growth) — and had the fifth largest market share in 2021 of the 20+ SIEM vendors in the report.

Register Now Nearly every day, news articles showcase big-name companies that became victims of cyberattacks and the hundreds of millions of dollars of loss it will have on their business. These headlines should not be surprising when you look at the data. The number of ransomware detected in Q1 2022 alone was double that of the whole year of 2021.

The value of digital payment transactions is growing as the world's payment environment moves more and more away from cash. Over the past few years, BFSI (Banking, Financial Service, and Insurance) firms have continued to be a top target for hackers. In fact, the Sixth Annual Bank Survey found that more than 70% of fintech companies named information security as their top issue.

At CrowdStrike, our mission is to stop breaches. To achieve this, we’re always on the lookout to defend customers against active attacks and preemptively protect them against emerging threats. In July 2021, researchers from Royal Holloway, University of London, published a white paper, “RansomClave: Ransomware Key Management using SGX,” that presents a novel ransomware based on an Intel feature called Software Guard Extension (SGX).

Read also: Microsoft fixes a Windows zero-day, Mango Markets DeFi platform robbed of over $100M, and more.

Perhaps you have recently seen some shocking statistics concerning the prevalence of identity theft, or perhaps you have a close friend who has gone through a terrible and stressful fraud situation. Even worse, you could already be familiar with the terrifying consequences of identity theft. Whatever the situation, you probably feel helpless to take any action to safeguard yourself. You’re not alone; this feeling is widespread.