Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

Arctic Wolf

North Korea-Linked Threat Actor, Diamond Sleet, Distributes Modified CyberLink Installer in Supply Chain Compromise

Nov 27, 2023 By Steven Campbell In Arctic Wolf
Beginning on at least October 20, 2023, a North Korea-linked threat actor, tracked as Diamond Sleet by Microsoft, leveraged a modified CyberLink installer to compromise victim assets. CyberLink Corp. is a Taiwan-based multimedia software company that develops media editing and recording software.
Read Post
Arctic Wolf

Business Email Compromise Attacks (BEC) Keep Growing - Here's How to Increase Your BEC Cybersecurity

Nov 21, 2023 By Arctic Wolf In Arctic Wolf

This spring, Australian authorities were able to arrest a cybercrime syndicate that had conducted BEC attacks on at least 15 individuals and organizations with stolen profits totaling $1.7 million (USD). If those numbers seem shocking, they’re part of a growing upward trend of BEC attacks that shows no sign of slowing down.

Read Post
Arctic Wolf

Understanding and Detecting Lateral Movement

Nov 20, 2023 By Arctic Wolf In Arctic Wolf
A threat actor, hoping to launch a ransomware attack on an organization, is able to use stolen credentials to get into a user’s email account. Utilizing spear phishing techniques and reconnaissance, the threat actor emails the IT department, asking for credentials to an important network application. They gain the credentials, move deeper into the network, and start setting up a ransomware attack.
Read Post
Arctic Wolf

7 Ways to Strike Balance Between Technical Debt and Security Posture in The World of Open Source

Nov 17, 2023 By Karan Goenka and Michael Fischer In Arctic Wolf
Software development at the speed of business is a constant balance of tradeoffs, and managing the risk of open-source software is one of the most emerging prominent examples. This is driven home by high-profile supply chain attacks such as the ones on SolarWinds, Log4J, and MoveIt. Each of these examples represents a different type of abuse, including.
Read Post

The Howler - Episode 3 - Dan Schiappa, Chief Product Officer

Nov 16, 2023 By Arctic Wolf In Arctic Wolf
In this episode, our hosts sit down with Dan Schiappa, Chief Product Officer at Arctic Wolf. Dan is responsible for driving innovation across product, engineering, alliances, and business development teams to help meet demand for security operations through Arctic Wolf’s growing customer base—especially in the enterprise sector.
View Video

The Howler - Episode 1 - Brian NeSmith, Co-Founder and Executive Chairman of Arctic Wolf

Nov 15, 2023 By Arctic Wolf In Arctic Wolf
In the first Howler podcast episode, our hosts sit down with Brian NeSmith, Co-Founder and Executive Chairman of Arctic Wolf. Brian NeSmith is an internationally recognized business leader, bringing more than 30 years of cybersecurity leadership, including extensive experience driving revenue growth and scaling organizations globally. Before founding Arctic Wolf, he served as CEO of Blue Coat Systems, and prior to Blue Coat, CEO of Ipsilon Networks (acquired by Nokia), which became the leading appliance platform for Check Point firewalls.
View Video

The Howler - Episode 2 - Adam Marrè - Chief Information Security Officer

Nov 15, 2023 By Arctic Wolf In Arctic Wolf
In this episode, our hosts sit down with Adam Marrè, Chief Information Security Officer at Arctic Wolf. Prior to joining Arctic Wolf, Adam was the Global Head of Information Security Operations and Physical Security at Qualtrics. With deep roots in the cybersecurity space, Adam spent almost 12 years with the FBI, holding positions like SWAT Senior Team Leader and Special Agent. In this episode, Adam gives us a peak into the life of a CISO, what keeps him up at night, how he manages stress, and what he believes is foundational to leadership.
View Video
Arctic Wolf

CVE-2023-23368 & CVE-2023-23369: Critical Command Injection Vulnerabilities in QNAP Products

Nov 14, 2023 By James Liolios In Arctic Wolf
On November 4, 2023, QNAP published security advisories for two critical command injection vulnerabilities impacting multiple versions of QNAP operating systems and applications related to the vendor’s network-attached storage (NAS) devices. Both vulnerabilities have been given critical CVSS scores (CVE-2023-23368: 9.8, CVE-2023-23369: 9.0) and both can lead to unauthenticated, remote threat actors executing commands if successfully exploited.
Read Post
Arctic Wolf

CVE-2023-47246: 0-day Remote Code Execution Vulnerability Actively Exploited in SysAid On-Premises

Nov 14, 2023 By Adrian Korn In Arctic Wolf
On November 2, 2023, SysAid was notified by Microsoft of a zero-day path traversal vulnerability allowing for remote code execution, which affects their on-premises ITSM solution. In the investigation conducted by SysAid, it was determined that the vulnerability was being actively exploited by a ransomware affiliate group known as Lace Tempest (DEV-0950), a group known for deploying the CL0P ransomware payload.
Read Post
Arctic Wolf

CVE-2023-38547 & CVE-2023-38548: Two Critical Vulnerabilities in Veeam ONE

Nov 14, 2023 By Steven Campbell In Arctic Wolf
On November 6, 2023, Veeam published security hotfixes for two critical-severity vulnerabilities impacting Veeam ONE. At this time, Arctic Wolf has not identified active exploitation of either vulnerability, nor a published proof of concept (PoC) exploit. Although threat actors have not historically targeted Veeam ONE products, obtaining RCE on the monitoring and analytics platform will likely increase the potential for threat actors to create a working PoC exploit and attempt exploitation.
Read Post
Subscribe to Arctic Wolf

Copyright © 2024 OpsMatters™. All rights reserved.