Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

After a year of high-profile cyberattacks and uncertainty caused by the extended pandemic, Arctic Wolf wanted to understand the impact this period has had on cybersecurity strategy and business overall. In August of this year, we commissioned a survey of over 1,400 senior I.T. decision-makers and business executives in the U.S., U.K., and Canada, and today we are publishing the results.

Malicious Microsoft Office documents are a popular vehicle for malware distribution. Many malware families such as Emotet, IcedID, and Dridex abuse Office documents as their primary distribution mechanism. Attackers have long used phishing emails with malicious Microsoft Office documents, often hosted in popular cloud apps like Box and Amazon S3 to increase the chances of a successful lure. The techniques being used with Office documents are continuing to evolve.

There is a growing discussion among network engineers, DevOps teams, and security professionals about the security benefits of bastions. Many assume that they are the “old way” of network access and have little relevance in the modern cloud native stack. These speculations are not irrelevant as in recent years, the corporate IT network perimeter as we knew it is diminishing, and the concept has been shifted to data, identity, and compute perimeter.

In early 2020, almost every government agency embraced telework in response to the pandemic. With telework, employees operate outside the security perimeter that was put in place to protect them and the agency’s data. As a result, telework has had significant cybersecurity ramifications. Lookout has a long history of collaborating with the public sector to secure agency employees.

Knowing who has credentials, how those credentials are granted, and how they are being used is the foundation of any secure environment. It begins with user accounts and the credentials they use. Maintaining a thorough inventory of all accounts and verifying any changes to those accounts as authorized and intentional vs unintended is paramount to establishing a secure environment and this includes service accounts.

Internet-facing applications are some of the most targeted workloads by threat actors. Securing this type of application is a must in order to protect your network, but this task is more complex in Kubernetes than in traditional environments, and it poses some challenges. Not only are threats magnified in a Kubernetes environment, but internet-facing applications in Kubernetes are also more vulnerable than their counterparts in traditional environments.

The new normal of working remotely calls for solutions that are seamless, flexible, and secure. Most enterprises believe that they are well-equipped to address the evolving cybersecurity threats. However, when employees connect through a myriad of devices, most of the time the security is highly questionable. This is because either they do not use secure devices or lack critical security updates. With cyberattacks becoming highly sophisticated, a host of security challenges awaits for the enterprise!

As a managed service provider, you can never sit still. Change is constant, whether it’s the technology, business needs, or clients’ expectations. And while MSPs are accustomed to the churn, this time it’s different. Businesses are digitizing their assets and moving to the cloud, governments continue to layer on more data regulations, security threats are on the rise, and the pandemic has turned traditional office culture on its head.

Credential leakage on the dark web is constantly growing, which reveals a painful reality: a significant proportion of organizations still don’t protect employee data properly. A report published by Arctic Wolf highlights that the number of corporate passwords that have been leaked to the dark web has shot up by 429% since last March. Thus, on average and for each organization, up to 17 credentials (including username and password) are available on the dark web.