Types of Spoofing Attacks

In the spring of 2024, the FBI warned U.S. citizens of a spear phishing campaign by state-sponsored North Korean threat actors. By exploiting an improperly configured email security protocol known as domain-based message authentication, reporting, and conformance (DMARC), the North Korean hackers bypassed safeguards that, when properly enabled and enforced, help protect email domains from

Ransomware Campaign Encrypting Amazon S3 Buckets using SSE-C

On 13 January 2025, Halcyon released a research blog about the Codefinger group conducting a ransomware campaign targeting Amazon S3 buckets. The attacks leverage AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) to encrypt data. The threat actors then demand ransom payments for the symmetric AES-256 keys required to decrypt it. Due to how the

Arctic Wolf Alpha AI

Accomplish the security outcomes your organisation is striving to achieve — faster, more efficiently, and with greater consistency — with Alpha AI.

Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls

Key Takeaways: Arctic Wolf observed a recent campaign affecting Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. The campaign involved unauthorised administrative logins on management interfaces of firewalls, creation of new accounts, SSL VPN authentication through those accounts, and various other configuration changes. While the initial access vector is not definitively

Arctic Wolf Named to the HRC 100

Arctic Wolf has been named to the HRC 100, earning a perfect score of 100% on the Human Rights Campaign’s Corporate Equality Index. This prestigious recognition reflects our commitment to fostering an inclusive and equitable workplace where all employees feel valued, supported, and empowered to thrive. The Human Rights Campaign’s Corporate Equality Index serves as

CVE-2025-0282: Critical Zero-Day Remote Code Execution Vulnerability Impacts Several Ivanti Products

On 8 January 2025, Ivanti published a security advisory announcing the patching of a critical, actively exploited vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA Gateways. Tracked as CVE-2025-0282, the vulnerability allows remote unauthenticated threat actors to achieve remote code execution (RCE) via a stack-based buffer overflow flaw. Ivanti confirmed that exploitation has only

How to Conduct a Cyber Risk Assessment

In 2023, 60% of the incidents investigated by Arctic Wolf® Incident Response involved the exploitation of a vulnerability that was two (or more) years old. These vulnerabilities were known, and the affected organizations had months to years to remediate them before an incident occurred. This statistic illustrates that while there are a multitude of factors

Understanding Indicators of Compromise and Their Role in Cybersecurity

Through a known vulnerability, a threat actor gains access to an organisation and begins to alter the network activity, running unusual enumeration commands. Then the threat actor uses stolen credentials to log into various applications within said network. The cybersecurity monitoring solution at work, in this case Arctic Wolf® Managed Detection and Response, subsequently picks

Arctic Wolf Receives 100% Willingness to Recommend Score in 2024 Gartner Peer Insights™ Voice of the Customer for Security Awareness Computer-Based Training

Users give Arctic Wolf Managed Security Awareness an overall rating of 4.9 out of 5.

EDEN PRAIRIE, MN – January 7, 2025 – Arctic Wolf®, a global leader in Security Operations, today announced that it has been named a Strong Performer in the December 2024 Gartner® Peer Insights Voice of the Customer for Security Awareness

The Role of Pretexting in Cyberattacks

A threat actor sends an email to a user at an organization, posing as a member of the IT department. They need a password for an important application, and the email is convincing. It mentions aspects of the application known only to the user, references a recent update email that was sent company-wide, and ends

Information on Drive-By Download Attacks

An employee at a large organization is doing research for a client and clicks on a website that appears legitimate. What they don't know is that, while they browse, malware in the form of a trojan virus is quickly downloading onto their endpoint. The trojan jumps from the endpoint to the corporate network, and suddenly the cybersecurity systems sound the alarm as ransomware