
CVE-2025-1974: Critical Unauthenticated RCE Vulnerability in Ingress NGINX for Kubernetes

On March 24, 2025, ingress-nginx maintainers released fixes for multiple vulnerabilities that could allow threat actors to take over Kubernetes clusters. Ingress is a Kubernetes feature that defines how workload Pods are exposed to the network, while an Ingress Controller implements those rules by configuring the necessary local or cloud resources. According to Kubernetes, ingress-nginx is deployed in over 40% of Kubernetes clusters.

Alleged Oracle Cloud Supply Chain Attack: Six Million Records Stolen, 140K Companies Affected

On March 20, 2025, a Breach Forums user, “rose87168,” claimed to have stolen six million records from Oracle Cloud’s SSO and LDAP services and offered the data for sale or in exchange for zero-day exploits. Breach Forums is a known marketplace for cybercriminals to trade stolen data and exploits.

The Howler - Episode 17: Kerri Shafer-Page, Vice President of Incident Response

This month, we sit down with Kerri Shafer-Page, Vice President of Incident Response, as she shares a peek behind the curtain of the day-to-day of her and her team, reflections on being a woman in tech, and so much more! Kerri Shafer-Page serves as the Vice President of Digital Forensics and Incident Response at Arctic Wolf. A proven leader in threat identification, IT security, and data privacy incident response and mitigation, Kerri has served in leadership roles at IBM and AIG, overseeing incident response and cybersecurity claims.

CVE-2025-23120: Critical Remote Code Execution Vulnerability in Veeam Backup & Replication

On March 19, 2025, Veeam published a security advisory for a critical severity vulnerability impacting their Backup & Replication software. The advisory did not provide technical details regarding the vulnerability, although it did mention that it could be exploited by authenticated domain users.

Widespread Fake CAPTCHA Campaign Delivering Malware

Arctic Wolf has recently observed a campaign in which threat actors are compromising widely used websites across various industries and embedding a fake CAPTCHA challenge. When victims visit the site, they are presented with the CAPTCHA challenge or redirected to a site that provides instructions, triggering PowerShell code execution and ultimately leading to the loading of information stealer malware.

Arctic Wolf Incident Response: End-to-End Response and Recovery

Explore how Arctic Wolf Incident Response provides 24x7 support to our customers, providing expertise and action when they need it most. The Arctic Wolf IR solution offers a suite of in-house offerings, from digital forensics, to recovery, to threat actor negotiations and data mining. Arctic Wolf is able to come in with our skills and expertise to step up fast, secure the environment, and help organizations restore their environment with speed and efficiency -- all in-house.

Arctic Wolf Incident Response: Advanced Threat Detection

Explore how Arctic Wolf’s experienced IR team helps organizations respond to threats swiftly and effectively. From a threat intelligence perspective, the Arctic Wolf IR team is always on top of new and emerging threats, which allows them to help organizations detect and recover from threats faster and more effectively, regardless of the organization’s environment, location, or specific incident characteristics.

Arctic Wolf Incident Response: Experienced Technical Investigators

Explore how our multi-faceted team of experienced technical investigators handles every part of the IR process, from digital forensics to threat actor negotiation to remediation and recovery. Arctic Wolf offers a full-service IR experience, helping organizations around the globe respond to and recover faster from severe cyber incidents.

How to Get Started with Arctic Wolf Managed Security Awareness

In this demo, see how easy it is to set up and deploy Arctic Wolf's Managed Security Awareness so that your organization can quickly realize the value and work towards ending human risk. Learn more about how Arctic Wolf Managed Security Awareness ends human risk by delivering 100% relevant microlearning content.

What is Attack Surface Management?

With the rise of hybrid work and software-as-a-service (SaaS) applications for core business functions, as well as the near ubiquity of the cloud, organizations’ attack surfaces are no longer easily defined. In many cases, they are rapidly expanding. This presents both new opportunities for threat actors and new challenges for security teams, giving rise to a new tactic for security posture improvement — attack surface management.

How AI is Transforming Cyber Attacks

Since its introduction into cybersecurity in the late 1980s as a tool for detecting unusual activity, artificial intelligence (AI) has grown in popularity and functionality, with a major surge of adoption happening in the past few years, thanks to its growing ability to perform tasks faster and more accurately than humans. However, AI has never operated in isolation; it has always relied on human input. And any advanced technology that requires human input can be used for both good and bad.

Breaking Down Ransomware-as-a-Service

Ransomware-as-a-service is a business model where ransomware operators and third parties, called “affiliates,” work together to launch ransomware attacks. RaaS was first identified in 2012 with the Reveton ransomware strain, and in the subsequent decade it has exploded into a sophisticated and ever-evolving cybercrime tactic.

Three VMware Zero-Days Exploited in the Wild Patched by Broadcom

On March 4, 2025, Broadcom released patches for three zero-day vulnerabilities exploited in the wild, affecting ESXi, Workstation, and Fusion. These vulnerabilities, discovered by Microsoft, range in severity from high to critical. Details of the exploitation have not been revealed at this time, and Arctic Wolf has not identified a public Proof-of-Concept (PoC) exploit.

Self-Proclaimed "BianLian Group" Uses Physical Mail to Extort Organizations

On or around February 25, 2025, a threat actor claiming to be associated with the BianLian ransomware group began using the United States Postal Service (USPS) to send physical ransom letters to executives, primarily within the US healthcare sector. Notably, when compared with historical BianLian communications and ransom notes, the physical ransom letters are drastically different in word usage and tone.

Healthcare Sector Targeted by Fake CAPTCHA Attack on HEP2go to Deliver Infostealer Malware

Arctic Wolf has recently observed a campaign targeting the healthcare sector, where victims visiting the widely used physical therapy video site HEP2go are redirected to a fake CAPTCHA webpage when they attempt to visit multiple parts of the website. This CAPTCHA provides instructions that trigger PowerShell code execution and the eventual loading of infostealer malware.