Artificial intelligence (AI) has supercharged social engineering. Global management consulting firm McKinsey & Company reported a 1,200% global surge in phishing attacks since the rise
Phishing has been a mainstay of cybercrime for decades – and for good reason. Threat actors continually evolve their phishing tactics, techniques, and procedures (TTPs),
Arctic Wolf’s The State of Cybersecurity: 2025 Trends Report revealed that 23% of organizations experienced at least one significant ransomware attack in 2024. And these
What Is a Supply Chain Compromise? A supply chain compromise occurs when threat actors infiltrate an organization by targeting and exploiting a trusted third-party vendor, partner, or
What Is a Cyber Attack? A cyber attack is any attempt – successful or otherwise — by cybercriminals to access a cloud or computer network
The identity attack surface is expanding faster than ever. Every new cloud application, remote login, and digital touchpoint creates another entryway threat actors can exploit,
What Is a Brute-Force Attack? A brute-force attack is a tactic used by threat actors to gain unauthorized access to an account, system, or encrypted
What is a DDoS Attack? A distributed denial-of-service (DDoS) attack consists of multiple compromised devices or systems (often qualifying as botnets) attacking a target on
Cybercriminals are shifting tactics. Rather than relying solely on ransomware’s tried-and-true method of using encryption to lock files and demand payment to decrypt, many are
While it’s easy to look at the modern threat landscape as a cat-and-mouse game between sophisticated threat actors utilizing high-tech methods to hack their way
Recent escalations involving the U.S. and Iran highlight an important reality: geopolitical tensions frequently extend into cyberspace. Cyber threat actors affiliated with or sympathetic to
Let’s start with the good news. Law enforcement organizations around the world have stepped up their efforts to find, stop, and arrest ransomware operators, shut
Cyber attacks are a constant threat for organizations, with most facing the question of when, not if, they will be targeted. Just as businesses adopt
When it comes to cybercrime, there are few threat actor tactics as useful and widespread as credential theft, and the subsequent use of stolen credentials,
In early 2024, a Nigerian hacker was arrested for defrauding two U.S. non-profits and stealing over $7 million (USD). He amassed this amount of ill-gotten
In the summer of 2024, a Russian ransomware gang launched an attack on a UK pathology services provider. However, the group didn’t just encrypt the
Imagine a scenario where an employee receives an email from a colleague, asking for login credentials to a valuable application within their organization. The recipient,
Since its introduction into cybersecurity in the late 1980s as a tool for detecting unusual activity, artificial intelligence (AI) has grown in popularity and functionality,
What is Ransomware-as-a-Service? Ransomware-as-a-service is a business model where ransomware operators and third parties, called “affiliates,” work together to launch ransomware attacks. RaaS was first
The Arctic Wolf Threat Report draws upon the first-hand experience of our security experts, augmented by research from our threat intelligence team.
In the spring of 2024, the FBI warned U.S citizens of a spear phishing campaign by state-sponsored North Korean threat actors. By exploiting an improperly
A threat actor sends an email to a user at an organization claiming to be from the IT department. They need a password to a
An employee at a large organization is doing research for a client and clicks on what they believe is a legitimate website. What they don’t
On April 12, 2024, Palo Alto Networks published a security advisory detailing an actively exploited maximum severity zero-day vulnerability affecting the GlobalProtect feature of PAN-OS.
A ransomware attack is underway. The threat actor has gained initial access to an endpoint and executed malicious code on it. As far as the
One of the more common forms of fileless malware that’s making the rounds across organizations cloud environments, is something called PyLoose. In rotation since 2014,
There were nearly 29,000 vulnerabilities published in 2023, 3,800 more than in 2022. More troubling than the sheer volume of vulnerabilities in 2023 is that
Government entities were in the top five industries targeted by both ransomware and business email compromise (BEC) attacks in 2023, according to Arctic Wolf. Additionally,
In the modern, interconnected world, no organization is immune from a cyber attack. Indeed, most experts agree that it is a matter of “when,” not
