Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On July 24, 2024, Progress published a knowledge base article disclosing a critical vulnerability (CVE-2024-6327) impacting Telerik Report Server, a product by Progress designed for streamlined report management within organizations. This vulnerability can lead to remote code execution (RCE) due to the deserialization of untrusted data. Arctic Wolf has not identified a publicly accessible proof of concept (PoC) exploit or active exploitation of this vulnerability. However, most notably.

Financial service organizations face a growing challenge. Their customers expect 24×7 access and self-service convenience, meaning these organizations must move to the cloud and embrace new technologies. However, those moves also expand their attack surface, increase cyber risk, and make achieving and maintaining compliance more challenging.

Back in 2013, Gartner’s Anton Chuvakin set out to name a new set of security solutions to detect suspicious activity on endpoints. After what he called, “a long agonizing process that involved plenty of conversations with vendors, enterprises, and other analysts,” Chuvakin came up with this phrase: endpoint threat detection and response.

Security operations solutions are essential to stopping today’s cyber threats.

On July 17, 2024, Cisco publicly disclosed critical vulnerabilities in Cisco Secure Email Gateway (SEG) and Cisco Smart Software Manager On-Prem (SSM), identified as CVE-2024-20401 and CVE-2024-20419 respectively. Both of these vulnerabilities may allow for unauthenticated administrative actions to be taken by threat actors when exploited.

Beginning in early July 2024, Arctic Wolf responded to multiple SocGholish/FakeUpdate intrusions that resulted in a seemingly benign payload being delivered as a second-stage download. The zip file payload contained software from the Berkeley Open Infrastructure for Network Computing (BOINC) project, open-source software that allows users to contribute computing power to scientific research projects focused on solving complex calculations.

Recent research by Arctic Wolf has revealed that, within the last 12 months, 48% of organizations identified evidence of a successful breach within their environment. As The State of Cybersecurity: 2024 Trends Report highlights, “To fully understand the gravity of this statistic, it is important to understand that, although 48% of these environments found evidence of a data breach, that does not inversely mean that 52% of organizations did not suffer a breach.”