Arctic Wolf

The Role of Digital Forensics in Incident Response

An organization receives a ransom note from threat actors in the middle of the night and realizes critical data has been stolen, web applications are no longer functioning, and their SQL servers are encrypted. It’s the worst-case scenario. Thanks to an incident response (IR) team, which includes digital forensics specialists who are able to see how much of the environment is affected and determine the root cause, the organization is back up and running in under 24 hours.

How to Improve Your Cloud Security with AWS

The cloud offers major benefits to organizations, helping increase business agility, better serve their customers’ needs, and cut their costs. This is why the typical modern business now uses public, infrastructure-as-a-service (IaaS) cloud platforms for its major business and organizational functions. However, the cloud also introduces new risks that can increase your costs should you fall victim to a breach.

CVE-2023-46604: Critical RCE Vulnerability in Apache ActiveMQ

On October 27, 2023, Apache published a security advisory stating that a critical remote code execution (RCE) vulnerability, CVE-2023-46604, has been fixed in the latest updates for Apache ActiveMQ products. This vulnerability was rated with a maximum Common Vulnerability Scoring System (CVSS) score of 10.0, as it can be exploited remotely by an unauthenticated threat actor in low-complexity attacks.

Exploitation of CVE-2023-46604 in Apache ActiveMQ Leads to TellYouThePass Ransomware

This article aims to share timely and relevant information about a rapidly developing campaign under investigation. We are publishing it as early as possible for the benefit of the cybersecurity community, and we may provide updates in the near future once more details become available in our research.

How to Secure Your Network Infrastructure

Network infrastructure is not immune from the schemes of cybercriminals. State-sponsored actors have the U.S. Cybersecurity and Infrastructure Security Agency (CISA) concerned after a spike in attacks on networks. In April, Sudan-linked hackers launched a distributed denial of service (DDoS) attack on an Israeli government network, and in late 2022, Arctic Wolf Labs issued a warning about multiple CVEs tied to the Cisco Nexus Dashboard.

7 Types of Social Engineering Attacks

When a ransomware group launched twin cyber attacks on casino giants MGM and Caesars, they only needed the accidental participation of the organizations’ outsourced IT help desk to get started. It was social engineering — in this case impersonation over the phone, or vishing — that gave the hackers the information they needed to launch a ransomware attack that cost both casinos millions.

Arctic Wolf Always Ahead: Gartner Peer Insights Customers' Choice in Managed Detection & Response

Arctic Wolf was named as the Customers’ Choice for North America in the July 2023 Gartner® Peer Insights™ ‘Voice of the Customer: Managed Detection and Response Services’. Our Chief Product Officer Dan Schiappa explains how we continue to differentiate our approach to MDR with a full-service cloud-native platform that is praised by organizations worldwide for its efficacy, efficiency, and scale as attack vectors widen and existing endpoint solutions alone fail to protect organizations.

Arctic Wolf Always Ahead: Managed Security Awareness

Our Chief Product Officer Dan Schiappa explains the differentiated approach Arctic Wolf takes to Managed Security Awareness®, making security education as simple and effective as possible for our customers. With Hollywood-quality production and entertaining material, Arctic Wolf's approach to micro-learning is both fast and fun.

CVE-2023-46747: Critical Unauthenticated RCE Vulnerability in F5 BIG-IP

On October 26, 2023, F5 released security hotfixes for a critical unauthenticated RCE vulnerability (CVE-2023-46747) in BIG-IP’s Traffic Management User Interface (TMUI). If the vulnerability is successfully exploited, a threat actor with network access to the vulnerable system could bypass the configuration utility authentication and execute arbitrary system commands. CVE-2023-46747 is exploitable if the Traffic Management User Interface is exposed to the Internet.

CVE-2023-34048: Critical RCE Vulnerability in VMware vCenter Server and Cloud Foundation

On October 25, 2023, VMware published a security advisory regarding a critical out-of-bounds write vulnerability (CVE-2023-34048) that has been fixed in the latest updates. VMware has given the vulnerability a critical severity rating, as it could potentially allow a remote, unauthenticated threat actor to achieve remote code execution if successfully exploited.