Ringing in the New Year with a Look Back

Welcome to the January Edition of The Watch, featuring cyber intel from Deepwatch Labs, information security news, industry insights, and upcoming Deepwatch events. Hit the Subscribe button to stay in the know!

IN THIS ISSUE:

  • Deepwatch SecOps Pulse Report
  • Deepwatch Insights: Choose Your Own SecOps Adventure
  • Deepwatch Labs: December Cyber Threats and Insights
  • Deepwatch Events: See Where We’ve Been
  • 3 Keys to Reducing Ransomware
  • Deepwatch Careers: Join Us!
  • InfoSec News
  • Deepwatch Employee Spotlight
  • ICYMI + Upcoming Events!



Deepwatch SecOps Pulse Report

Deepwatch Q4 2022 SecOps Pulse Report

Get a fresh read on what SecOps leaders are doing to prepare for 2023.

In the report, we discuss:

  • Concerns about rising costs including cyber insurance
  • Challenges of a growing talent and expertise shortage
  • Uncertainty around a regulatory environment that appears ready for change

Download the Report.




Insights Blog: 24/7/365 Security Coverage – Choose Your Own Adventure

Written by: Deepwatch CISO, David Stoicescu

Deepwatch found that 38% of companies do not have around-the-clock security coverage. And as we all know, attackers don’t respect business hours. The worry of whether or not an attack will occur at a time when your SOC isn't staffed is what keeps many security professionals up at night.

So, how do you address this? In this Insights Blog post, we dive into the various paths businesses can take to achieve 24/7/365 security coverage and what to consider when making that decision.

Read More.


Deepwatch Cyber Threat Intelligence

Deepwatch Labs

Deepwatch provides curated cybersecurity threat intelligence to keep your organization and SOC ahead of the latest security threats and zero-day vulnerabilities. Below are a few top cyber threats from the past month.

Citrix ADC and Citrix Gateway Critical Vulnerability (CVE-2022-27518) Actively Exploited

What Happened?

On 13 December, Citrix released a security bulletin for a vulnerability in Citrix Gateway and Citrix ADC devices, acknowledging in a blog post that they are “aware of a small number of targeted attacks in the wild.” On the same day, the National Security Agency (NSA) released a Cybersecurity Advisory (CSA), “APT5: Citrix ADC Threat Hunting Guidance,” due to APT5 demonstrating capabilities to target and exploit Citrix ADC deployments.

FortiOS SSL-VPN Vulnerability (CVE-2022-42475) Exploited in the Wild

What Happened?

A heap-based buffer overflow vulnerability [CVE-2022-42475 / CVSSv3 9.3] in FortiOS SSL-VPN was discovered, and Fortinet is aware of one instance where the vulnerability has been exploited in the wild. This vulnerability may allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.

CISA Publishes Advisory for Cuba Ransomware Affiliates

What You Need to Know:

The FBI and CISA released a joint Cybersecurity Advisory (CSA) to disseminate known Cuba ransomware TTPs and observables identified through FBI investigations, third-party reporting, and open-source reporting. The advisory updates the FBI’s December 2021 Flash: Indicators of Compromise Associated with Cuba Ransomware.

Rise in Exploitation Attempts Against RDP

What You Need to Know:

Cyble’s global sensor network data identified almost 5 million RDP exploitation attempts between September and November, primarily targeting the United States and Russia. The most prevalent vulnerability threat actors attempted to exploit was the BlueKeep vulnerability (CVE-2019-0708). Cyble hypothesizes that most exposed RDP ports over the internet still contain the BlueKeep vulnerability, identifying over 50,000 internet-exposed instances still affected by the BlueKeep vulnerability.

Subscribe to Deepwatch Labs to stay up-to-date on the latest cyber threat intelligence, advisories, and recommendations.


Deepwatch December Events

Xccelerate Roadshow Phoenix with Deepwatch Partners, Splunk and ANM.

Employees on a race car track for the 2022 Xccelerate Roadshow Phoenix event.

Deepwatch, along with partners and guests, took a ride in the fast lane during the Xccelerate Roadshow event where guests were able to drive a supercar and network with like-minded Information Security peers.





Drybar Women in Tech Event with Drybar, SHI International Corp., and Splunk.

Female employees at a Drybar Women in Tech event.

Deepwatch and partners SHI International and Splunk hosted an event at Drybar where industry peers gathered to collaborate and enjoy a relaxing afternoon at the salon.


Three Keys to Reducing Ransomware

While we hope for a far less ransomware-filled 2023, organizations need to quickly advance their security profile using three key steps to ensure they are prepared to prevent and remediate attacks:

  1. Prevention
  2. Detection
  3. Remediation

Download the Full Infographic for more.



Find Your Career With Deepwatch!

Deepwatch marketing team smiling for the camera in the hotel lobby during a company event.

Our unique, fully remote work environment is developed with employee needs in mind, giving you the flexibility and benefits to make your career what you want. Explore current opportunities and learn how it feels to be part of the team.

Join a dedicated team of professionals who are passionate about driving positive change in the cybersecurity industry.

View all open positions on our website here.


Trending Infosec News


Employee Spotlight

For this month's Employee Spotlight, we asked Security Analyst III, Patrick Sweeney, what true leadership looks like.

Employee spotlight featuring Deepwatch Security Analyst III, Patrick Sweeney

ICYMI...

How we help our customers prepare for tighter budgets with Deepwatch as an extension of their team.


UPCOMING EVENTS...

2023 Technology United CIO Forum | February 17, 2023

Downtown Milwaukee, Wisconsin near the Pfister Hotel

The CIO Forum is hosted by Technology United’s CIO Advisory Board members and benefits United Way of Greater Milwaukee & Waukesha County.

This half-day event brings together CIOs and CISOs from major companies in the Milwaukee area. Register today and view more Deepwatch Events!



About Deepwatch

Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by its cloud security platform, Deepwatch provides detection and automated response to cyber threats with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business. Visit www.deepwatch.com to learn more.

Follow Deepwatch on LinkedIn and Twitter.



Marcus Scott

Student at Stetson University

2 years ago

A great read. I'm a recent cybersecurity grad and I'm looking for any positions in the central Florida area.
