-
Research that builds detections
Introduction: Detection engineering is becoming increasingly important in surfacing new malicious activity. Threat actors might take advantage of previously unknown malware families – but a successful detection of certain methodologies or artifacts can help expose the entire infection chain. In previous blog posts, we…
-
Critical Vulnerability Uncovered: CVE-2025-0282 Puts Ivanti Systems at Risk
Ivanti has disclosed a critical vulnerability identified as CVE-2025-0282, affecting several of its products, including Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. With a CVSS Score of 9.0, this stack-based buffer overflow vulnerability allows remote, unauthenticated attackers to execute arbitrary code on the target device, posing significant security risks to affected systems.…
-
How New Year Traffic Stresses Your Cloud Security (And What to Do About It)
The New Year is here — a time for fresh beginnings, renewed goals, and ambitious business plans. However, it’s also a period where cybercriminals remain active, exploiting vulnerabilities that arise during high-traffic events and transitions into the new calendar year. While your focus is on starting the year strong and setting goals for growth, hackers…
-
Cloud Security Resolutions for a Threat-Free 2025
As the New Year begins, most people are busy crafting their resolutions: promises to hit the gym, learn a new skill, or break an old habit. Businesses navigating the complex digital landscape, on the other hand, face an evolving challenge of critical significance. Fortifying cloud security emerges as the ultimate strategic imperative for organizational resilience. …
-
Palo Alto PAN-OS Severe Vulnerability (CVE-2024-3393) Exploited
Palo Alto announced a critical security vulnerability affecting its PAN-OS software. PAN-OS is the operating system developed by Palo Alto Networks for its network security devices, which is used to provide advanced security features. The vulnerability, tracked as CVE-2024-3393, can cause a denial of service (DoS) condition on susceptible devices. Understanding the Vulnerability: Rated as High,…
-
Critical Dell SupportAssist Vulnerability (CVE-2024-52535) Exploited
Dell announced a critical security vulnerability affecting its SupportAssist software, widely used for system diagnostics and updates on Dell PCs. Identified as CVE-2024-52535, this flaw poses significant risks to cybersecurity experts and end-users. Understanding the Vulnerability: Dell SupportAssist versions up to 4.6.1 for Home PCs and up to 4.5.0 for Business PCs contain a symbolic…
-
Understanding DDoS Attacks: A Comprehensive Guide
As businesses and services rely heavily on their online presence, the threat of cyberattacks looms large. Among these threats, Distributed Denial of Service (DDoS) attacks stand out due to their ability to paralyze websites and online services. A DDoS attack occurs when multiple compromised systems target a single system, overwhelming it with traffic and rendering it inaccessible…
-
Lessons From the Field: How a Hospital Turned Cyber Challenges Into a Success Story
Every day, a renowned hospital serves the needs of over a million patients, delivering not only world-class care but also hope for healthier futures. But behind the scenes, the hospital’s small but mighty security team was feeling the strain. With two hospital campuses, multiple regional centers, and more than 50 care locations, the pressure to…
-
Cleo MFT Mass Exploitation Payload Analysis
Written by ARC Labs contributors John Dwyer and Eric Gonzalez. ARC Labs recently captured and analyzed the second and third stage payloads used during a Cleo MFT compromise. The compromise is a result of exploitation of CVE-2024-50623, which allows for unauthorized remote code execution. Additional reports suggest that exploitation of the vulnerability continues to be possible even after…
-
Lessons from the Field: How a Manufacturing Giant Transformed Its Security Posture
The complexities of cybersecurity often seem insurmountable for large enterprises. For one global manufacturing company, this was a lived reality. With a workforce of over 60,000 employees, more than 450,000 clients, and a steady stream of mergers and acquisitions, their security team faced challenges that felt increasingly impossible to solve. Yet, their journey toward building…