Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

NYSE's #TakingStock: Arctic Wolf President & CEO Nick Schneider on the Centralized Platform

At #RSA24, Arctic Wolf CEO and President Nick Schneider sat down for a #TakingStock conversation with Trinity Chavez to share how Arctic Wolf's focus on delivering superior security outcomes has led to enhancements across our industry-leading security operations platform. #EndCyberRisk.

CVE-2024-4358 & CVE-2024-1800: PoC Exploit Published for Pre-Authenticated RCE Chain in Progress Telerik Report Server

On May 31st, 2024, a Proof of Concept (PoC) exploit and technical analysis were published for a pre-authentication Remote Code Execution (RCE) exploit chain impacting Telerik Report Server, a product by Progress designed for streamlined report management within organizations.

Lost in the Fog: A New Ransomware Threat

On May 2, 2024, Arctic Wolf Labs began monitoring deployment of a new ransomware variant referred to as Fog. The ransomware activity was observed in several Arctic Wolf Incident Response cases, each exhibiting similar elements. All victim organizations were located in the United States, 80% of which were in the education sector and 20% in the recreation sector. We are sharing details of this emerging variant to help organizations defend against this threat.

Human Risk Management and Security Awareness Training

A notable statistic has appeared in the cybersecurity research landscape: Phishing and pre-texting accounted for 73% of breaches in 2023. That’s according to the 2024 Verizon Data Breach Investigations Report, and the alarming use of humans as a vector for initial access is mirrored elsewhere.

Why Credit Unions Need to Improve Their Cybersecurity

Where there is money, there are cybercriminals trying to take it. This is especially true for credit unions, which deal with both financial information and the personal identifying information (PII) of every member and connected institution. They are a digital vault of data and dollars and threat actors are all too ready to crack the safe.

CVE-2024-24919: Information Disclosure Vulnerability Leveraged to Target Check Point VPNs

On May 27, 2024, Check Point released hot fixes for an information disclosure vulnerability being leveraged by threat actors to target Check Point VPNs. This vulnerability was labeled as CVE-2024-24919 and is rated as high severity, as a remote threat actor can exploit the vulnerability to access information on Gateways connected to the Internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled.

Okta Cross-origin Authentication Feature in Customer Identity Cloud Targeted in Credential Stuffing Attacks

On May 28, 2024, Okta disclosed that the cross-origin authentication feature in Customer Identity Cloud (CIC) is being targeted by credential-stuffing attacks. These attacks involve threat actors using large lists of stolen usernames and passwords to gain unauthorized access to online services. Suspicious activity has been observed starting from April 15, prompting Okta to notify affected customers and provide guidance to mitigate the issue.