Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The cyber insurance market has matured rapidly over the past two years in the face of ever-evolving risk. Factors such as increased ransomware activity, ballooned claims frequency and loss severity, coupled with soaring market demand have brought us to what is referred to as the “second wave” of cyber insurance — a revolution in the way businesses are evaluated, underwritten and protected.

Arctic Wolf’s The State of Cybersecurity: 2023 Trends report revealed a painful, yet unsurprising statistic: 68% of organizations identified staffing-related issues as their number one threat to achieving their security objectives. Breaking that down further, 32% of organizations are having difficulty with hiring and retaining staff. The remaining 36% feel their existing security team lacks the necessary expertise.

On June 23, 2023, Fortinet disclosed a critical Remote Code Execution (RCE) vulnerability (CVE-2023-33299) affecting FortiNAC, a network access control solution utilized by organizations to manage network access policies and compliance. This vulnerability is the result of the deserialization of untrusted data. Deserialization vulnerabilities such as this one are dangerous because a threat actor can insert a modified serialized object into the system which leads to unauthenticated RCE.

Strong, resilient security operations require the proper melding of people, technology, and processes to achieve the goal of reducing the likelihood and impact of cyber threats. The right security operations center (SOC) will strengthen the overall security resiliency of an organization. The wrong one will tax your team — leading to mistakes, breaches, and losses.

On June 9th 2023, security researchers from Olympe CyberDefense published a blog stating that they responsibly disclosed a critical vulnerability in SSL-VPN firewalls to Fortinet. This vulnerability, CVE-2023-27997, is a critical, pre-authentication RCE vulnerability that impacts all versions of Fortinet SSL-VPN firewalls, even if multi-factor authentication (MFA) is enabled. The security researchers responsibly disclosed the vulnerability to Fortinet.

On June 9, 2023, Progress released a security advisory detailing newly discovered SQL injection vulnerabilities impacting the MOVEit Transfer web application and Cloud. The vulnerabilities are distinct from CVE-2023-34362, which was actively exploited by Clop Ransomware to exfiltrate data and extort compromised organizations. Although distinct, the vulnerabilities result in nearly identical unauthorized access where threat actors could modify or disclose MOVEit database content.

On Tuesday, June 6, 2023, Barracuda announced that all ESG appliances compromised via CVE-2023-2868 must be immediately replaced, regardless of the current patch version. Barracuda ESG is an email security gateway that manages and filters inbound and outbound email traffic within an organization’s network. On May 18, 2023, Barracuda identified CVE-2023-2868 after being alerted to anomalous traffic originating from ESG appliances.